Aggregator

You must login to view this content

You must login to view this content

You must login to view this content

Cybersecurity researchers have developed innovative forensic methods to track sophisticated attackers who exploit Remote Desktop Protocol (RDP) for lateral movement within enterprise networks.  This breakthrough technique transforms what attackers believe to be stealthy operations into detailed digital footprints, providing incident responders with unprecedented visibility into malicious activities across compromised systems. Key Takeaways1.  Investigators identify RDP […]

The post New Forensic Technique Uncovers Hidden Trails Left by Hackers Exploiting Remote Desktop Protocol appeared first on Cyber Security News.

A sophisticated malware campaign leveraging the KongTuke threat cluster has emerged, targeting Windows users through a novel FileFix technique that deploys an advanced PHP-based variant of the Interlock remote access trojan (RAT). This represents a significant evolution from previous JavaScript-based implementations, demonstrating increased operational sophistication and resilience. Since May 2025, cybersecurity researchers have observed widespread […]

The post KongTuke Attacking Windows Users With New Interlock RAT Variant Using FileFix Technique appeared first on Cyber Security News.

With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257 – a critical SQL command injection vulnerability in Fortinet’s FortiWeb web application firewall – is expected to be leveraged by attackers soon. About CVE-2025-25257 CVE-2025-25257 is found in FortiWeb’s Fabric Connector, the software that allows FortiWeb to communicate with other Fortinet security products (e.g., FortiGate firewalls, FortiSandbox, etc.). The flaw stems from the solution’s failure to properly neutralize special elements and, if triggered, it … More →

The post Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) appeared first on Help Net Security.