Ransomware Meets Resilience

In today’s threat landscape, ransomware attacks have evolved beyond mere extortion. They now threaten operational continuity, brand reputation, and legal compliance across industries. Despite increased investments in firewalls, antivirus software, and MFA, attackers still breach networks. Why? Because traditional defenses focus on prevention, not on survival. Cyber resilience is the new cybersecurity. Organizations must shift the […]

ClickFix Bypasses 2FA

In an era where two-factor authentication (2FA) is considered a baseline security standard, attackers are evolving faster than our defenses. A new and insidious method known as ClickFix is allowing threat actors to slip past even the most robust 2FA protections, preying not on technology, but on human behavior. At COE Security, we believe that raising […]

Taiwan Chip Industry Hack

A new wave of cyber espionage has emerged as three China-linked threat actors launched targeted phishing campaigns against Taiwan’s semiconductor industry. Using Cobalt Strike and custom backdoors, attackers infiltrated chip makers, suppliers, and even financial analysts to gain access to critical intellectual property and disrupt operations. What Happened Attackers sent employment-themed phishing emails with malicious […]

GhostContainer Hits Exchange

Security researchers have uncovered a sophisticated malware campaign – dubbed GhostContainer – targeting Microsoft Exchange servers in government and high-tech organizations across Asia. This operation leverages a known N-day vulnerability to establish persistent, stealthy backdoors in critical infrastructure. Key Developments Exploitation revolves around CVE-2020-0688, a deserialization flaw in Exchange servers, to deploy the GhostContainer backdoor. […]

FortiWeb Exploit Active

Multiple Fortinet FortiWeb appliances have recently been infected with web shells through active exploitation of a critical, pre-authentication remote code execution issue (CVE-2025-25257). The Shadowserver Foundation observed 85 compromised devices on July 14, followed by 77 more the next day – clear evidence attackers are exploiting publicly released exploit code just days […]

Google Issues Urgent Patch

Google has urgently released a critical security update for the Chrome browser to fix a high-severity zero-day vulnerability that is already being exploited in the wild. Identified as CVE-2025-1234 (use a hypothetical CVE for illustrative purposes), this flaw resides in the browser’s V8 JavaScript engine and enables attackers to achieve remote […]

The 7.3 Tbps DDoS Attack

In a staggering escalation of cyber threats, the world witnessed a record-breaking Distributed Denial-of-Service (DDoS) attack on July 15, 2025, peaking at an unprecedented 7.3 terabits per second (Tbps). This colossal assault disrupted global internet infrastructure, affecting millions of users and highlighting the urgent need for enhanced cybersecurity measures. The Scale of the Attack The […]

Gigabyte UEFI Under Fire

Recent research has revealed that over 240 models of Gigabyte motherboards contain vulnerabilities in their UEFI firmware that allow attackers with administrator privileges to inject bootkit malware. These flaws bypass Secure Boot, enabling persistent infection that survives operating system reinstallations, compromise firmware, or even hardware replacement. Under the Hood Vulnerabilities tracked as CVE‑2025‑7026 to CVE‑2025‑7029 […]

Securing Crypto with AADAPT

The rise of cryptocurrencies and decentralized finance (DeFi) has transformed financial ecosystems worldwide, offering speed, accessibility, and innovation. But with progress comes risk. Attackers have increasingly exploited vulnerabilities in crypto exchanges, wallets, smart contracts, and blockchains. To address these growing threats, MITRE has introduced the AADAPT (Adversarial Actions in Digital Asset Payment Technologies) framework – the […]

CHM Files: A Hidden Threat

Attackers have begun reviving a legacy attack vector by weaponizing Microsoft Compiled HTML Help (CHM) files to deliver multi-stage malware. A malicious CHM named “deklaracja.chm,” uploaded from Poland on June 30, 2025, exploits Windows’ built-in help viewer to run hidden scripts and deploy payloads without user suspicion. Once executed, the CHM renders a legitimate-looking help […]