Ransomware gang members increasingly use a new malware called Skitnet ("Bossnet") to perform stealthy post-exploitation activities on breached networks. Browser-based attacks, from AITM phishing and ...

The post-exploitation tools market has chalked up a newcomer with the emergence of Exfiltrator-22. An upstart alternative to Cobalt Strike, the Exfiltrator-22 framework-as-a-service (FaaS) tool set, ...

SANTA CLARA, Calif.--(BUSINESS WIRE)--Ridge Security, cutting-edge automated pen-testing solution provider, announces new capabilities in RidgeBot 3.4, for post-exploitation validation. This new ...

Instead of relying on premade and well-known toolkits, the threat actors behind the TrickBot trojan decided to develop a private post-exploitation toolkit called PowerTrick to spread malware laterally ...

A threat actor has been observed “patching” a vulnerability post exploitation, likely in a bid to lock out other adversaries and secure exclusive access. The novel tactic was detected by Red Canary ...

A post-exploitation attack method has been uncovered that allows adversaries to read cleartext user passwords for Okta, the identity access and management (IAM) provider — and gain far-ranging access ...

A new post-exploitation attack method has been discovered that enables potential attackers to read users’ passwords and credentials in the audit logs of software by enterprise identity solution ...

Research from Rapid7 shows a spike in zero-days contributing to quicker exploit timelines, leaving IT security teams under strain with a greater need for post-incident response. With zero-day attacks ...