@satyamrastogi
Nothing here yet.
Nothing here yet.
11h ago · 7 min read · Originally published on satyamrastogi.com NIST's decision to deprioritize enrichment for non-CISA KEV CVEs creates a two-tier vulnerability landscape. Attackers now weaponize untracked CVEs before defenders even catalog them. NVD Enrichment Triage:...
Join discussion
1d ago · 6 min read · Originally published on satyamrastogi.com A 6-year ransomware campaign targeting Turkish SMBs and homes reveals critical gaps in threat reporting and detection. Attackers exploit low visibility in small-target ecosystems to maintain persistence with...
Join discussion
3d ago · 8 min read · Originally published on satyamrastogi.com Basic-Fit's 1M member breach reveals systemic weaknesses in SaaS membership platforms. Attack likely leveraged credential compromise or API exploitation targeting customer databases without proper segmentati...
Join discussion
4d ago · 7 min read · Originally published on satyamrastogi.com Analysis of PlugX RAT distribution through counterfeit Claude website. Exploitation chain combines DLL sideloading with supply chain targeting. Attack methodology, detection evasion, and hardening strategies...
Join discussion
5d ago · 5 min read · Originally published on satyamrastogi.com Nearly 4,000 internet-exposed Rockwell Automation PLCs identified in active Iranian reconnaissance campaigns. Analysis of OT attack surface, device enumeration tactics, and payload delivery mechanisms target...
Join discussion