Saturday, May 16, 2026
Bulwark Black LLC

Cyber Security | Software Development | Consulting Services


Microsoft to Disable 30-Year-Old NTLM Authentication Protocol by Default
  • General CTI

Coruna iOS Exploit Kit: Nation-State Spyware Tools Now Targeting Crypto Wallet Users
  • General CTI

Russian Hackers Launch Coordinated Cyberattacks on Poland’s Renewable Energy Infrastructure
  • Russian Cyber Threat Intelligence

Chinese APT Red Menshen Plants Stealthy BPFdoor Backdoors in Global Telecom Networks
  • Chinese Cyber Threat Intelligence

  • Cyber Security Blog
  • General CTI
  • Malware

PawsRunner Steganography Shows Infostealers Are Hiding in Plain Sight

acint | 21 minutes ago | 03 mins

FortiGuard Labs reports PureLogs is being delivered through PawsRunner steganography. Here is what SMBs and government contractors should watch for defensively.

  • Cyber Security Blog
  • General CTI
  • Privacy & Security

BlackFile Vishing Campaign Shows Why MFA Alone Is Not Enough

acint | 5 hours ago | 04 mins

GTIG reports UNC6671 / BlackFile is using vishing, AiTM phishing, and SaaS data theft to extort organizations. Here is what SMBs and government contractors should harden now.

  • Cyber Security Blog
  • General CTI
  • Malware

Gremlin Stealer Shows Why Browser Sessions Are Now High-Value Targets

acint | 10 hours ago | 04 mins

Unit 42 reports Gremlin Stealer has evolved with resource-file obfuscation, session hijacking, Discord token theft, and crypto clipboard fraud. Here is what SMBs and government contractors should do defensively.

  • Cyber Security Blog
  • General CTI

Cisco SD-WAN Exploitation Shows Edge Controllers Need Emergency Review

acint | 1 day ago | 04 mins

Cisco Talos reports active exploitation of Catalyst SD-WAN authentication bypass and related vulnerabilities. Here is what SMBs and government contractors should prioritize now.

  • Cyber Security Blog
  • General CTI
  • Malware
  • Russian Cyber Threat Intelligence

Kazuar Shows Russian Espionage Malware Is Engineering for Resilience

acint | 1 day ago | 04 mins

Microsoft reports that Kazuar, attributed to Russian state actor Secret Blizzard, has evolved into a modular P2P botnet. Here is what SMBs and government contractors should take from it defensively.

  • AI (General)
  • Cyber Security Blog
  • General CTI

Exposed AI Apps Turn Misconfiguration Into RCE Risk

acint | 1 day ago | 04 mins

Microsoft warns that publicly exposed AI apps, MCP servers, and Kubernetes-hosted agent tooling can turn weak defaults into practical paths for RCE, credential theft, and data exposure.

  • Cyber Security Blog
  • General CTI

May 2026 Patch Tuesday: How SMBs Should Prioritize 132 Microsoft CVEs

acint | 2 days ago | 04 mins

Microsoft’s May 2026 Patch Tuesday shipped 132 CVEs. Here is how SMBs and government contractors should prioritize identity, server, and Office risks first.

  • Cyber Security Blog
  • General CTI
  • Malware

The Gentlemen RaaS Leak Shows Ransomware Is Still an Edge-Device Problem

acint | 2 days ago | 04 mins

Check Point’s look inside The Gentlemen ransomware operation is a useful reminder for SMBs and government contractors: exposed edge appliances, weak identity controls, and unmanaged remote access paths still drive real ransomware risk.

  • Cyber Security Blog
  • General CTI
  • Malware

JDownloader Site Compromise Shows Why Trusted Downloads Still Need Verification

acint | 6 days ago | 05 mins

Attackers swapped selected JDownloader website download links with malicious installers. Here is what SMB and government-contractor defenders should do about trusted-download risk.

  • AI (General)
  • Cyber Security Blog
  • General CTI
  • Malware
  • Social Engineering

Fake OpenAI Hugging Face Repo Shows AI Supply Chain Risk Is Already Here

acint | 6 days ago | 04 mins

A fake OpenAI Privacy Filter repository on Hugging Face delivered Windows infostealer malware. Here is what SMB and gov-contractor defenders should take from it.


You May Have Missed

  • Malware

Phorpiex Botnet Resurfaces: Phishing Campaign Delivers Offline-Capable Global Group Ransomware

acint 3 months ago
  • AI (General)
  • Cyber Security Blog

Exposed AI Apps Turn Misconfiguration Into RCE Risk

acint 1 day ago
  • North Korean Cyber Threat Intelligence

BlueNoroff’s GhostCall and GhostHire Campaigns Use Stolen Victim Videos to Compromise Crypto Executives

acint 3 months ago
  • Russian Cyber Threat Intelligence

Russian Hackers Launch Coordinated Cyberattacks on Poland’s Renewable Energy Infrastructure

acint 3 months ago
  • Makes you Think

NASA Put a Geospatial AI Foundation Model in Orbit — That Should Make You Think

acint 1 week ago
  • Business

Aisuru Botnet Shatters Records with 31.4 Tbps DDoS Attack

acint 4 months ago
  • Chinese Cyber Threat Intelligence
  • Malware

AsyncRAT loader: Obfuscation, DGAs, decoys and Govno

bulwarkblack 2 years ago

    Adidas Investigates Third-Party Data Breach as Lapsus$ Claims 815,000 Records Stolen

    acint 3 months ago