intrusion detection

China-linked spies backdoored authentication stack to stay hidden for years

APT, authentication, Don't miss, enterprise, Hot stuff, intrusion detection, Linux, News, remediation, Sygnia, threat hunting /

China-linked spies backdoored authentication stack to stay hidden for years 2026-06-15 at 18:27 By Zeljka Zorz A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected, according to the results of a forensic investigation published by cybersecurity firm Sygnia. The group’s […]

China-linked spies backdoored authentication stack to stay hidden for years Read More »

Why a decade-old EnCase driver still works as an EDR killer

cyberattack, Don't miss, drivers, Endpoint Security, Hot stuff, intrusion detection, News, Windows /

Why a decade-old EnCase driver still works as an EDR killer 2026-02-05 at 14:02 By Zeljka Zorz Attackers are leaning on a new EDR killer malware that can shut down 59 widely used endpoint security products by misusing a kernel driver that once shipped with Guidance Software’s EnCase digital forensics tool, Huntress researchers warn. This

Why a decade-old EnCase driver still works as an EDR killer Read More »

Meet ARGUS, the robot built to catch hackers and physical intruders

access control, cybersecurity, Don't miss, hardware, Incident Response, intrusion detection, News, research /

Meet ARGUS, the robot built to catch hackers and physical intruders 2025-10-06 at 08:38 By Sinisa Markovic Hospitals, airports, and campuses are no longer dealing with separate security problems. Someone can slip past a checkpoint while another actor launches a network scan, and together those actions create a bigger risk than either one alone. Most

Meet ARGUS, the robot built to catch hackers and physical intruders Read More »

Suricata: Open-source network analysis and threat detection

cybersecurity, Don't miss, Hot stuff, intrusion detection, network analysis, News, OISF, open source, penetration testing, software, threat detection /

Suricata: Open-source network analysis and threat detection 2024-10-02 at 07:31 By Help Net Security Suricata is an open-source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. Suricata features Suricata offers comprehensive capabilities for network security monitoring (NSM), including logging HTTP requests, capturing and storing TLS certificates, and extracting files

Suricata: Open-source network analysis and threat detection Read More »

Active Directory compromise: Cybersecurity agencies provde guidance

access management, Active Directory, Don't miss, enterprise, guide, Hot stuff, identity management, intrusion detection, News, tips /

Active Directory compromise: Cybersecurity agencies provde guidance 2024-09-26 at 17:31 By Zeljka Zorz Active Directory (AD), Microsoft’s on-premises directory service for Windows domain networks, is so widely used for enterprise identity and access management that compromising it has become almost a standard step in cyber intrusions. “Active Directory is susceptible to compromise due to its

Active Directory compromise: Cybersecurity agencies provde guidance Read More »

A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs

0-day, ACROS Security, Don't miss, Hot stuff, intrusion detection, logging, News, PoC, Windows, Windows Server /

A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs 2024-01-31 at 18:31 By Zeljka Zorz A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for enterprise defenders. Discovered by a security researcher named Florian and

A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs Read More »

Scroll to Top