Vulnerabilities & Alerts
CVE-2025-7775 – Memory Overflow Vulnerability in Citrix NetScaler
Executive Summary: Following the actively exploited vulnerability in Citrix NetScaler (CVE-2025-7775), this summary provides an overview of the technical details and the associated risks. The flaw, a critical memory overflow, has been added by CISA to its Known Exploited Vulnerabilities (KEV) catalog due to confirmed in-the-wild exploitation. It allows unauthenticated remote code execution on vulnerable appliances,…
CTI & OSINT
APT29 — Factual Brief
I use the label “APT29,” also known as Cozy Bear, The Dukes, NOBELIUM, and—under Microsoft’s taxonomy—Midnight Blizzard. Public reporting predominantly attributes this actor to Russia’s Foreign Intelligence Service (SVR), and the multiple aliases reflect vendor naming schemes. Objectives and targeting: I observe a primary espionage focus on governments, diplomatic missions, think tanks, IT/Cloud providers, and…
CTI & OSINT
Secret Messengers (NSA/GCHQ, 2025)
I had long wanted to examine the intelligence employed during the Second World War. Drawing on the training I received at the École de Guerre Économique (EGE), I present here a neutral, factual synthesis, accompanied by full references as well as the original document that served as my source. This article synthesizes the report Secret…
CTI & OSINT
ShinyHunters, Scattered Spider and sp1d3rhunters Malware
I am sharing an analysis of two groups making headlines in the cybersecurity landscape, along with the sp1d3rhunters malware. All information comes from open sources, so you can verify every detail presented in this article. I wish you an excellent read. 1. General overview and history: ShinyHunters is a financially motivated hacking group that emerged in…
Open Source & Tools
Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments
On August 6, 2025, Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) sounded the alarm on a newly disclosed high-severity vulnerability affecting Microsoft Exchange Server in hybrid deployment scenarios. Tracked as CVE-2025-53786, the flaw allows a threat actor with administrative access to an on-premises Exchange server to escalate privileges in the organization’s Exchange…
Vulnerabilities & Alerts
CISA Vulnerability Summary – Week of July 21, 2025
Summary: I analyzed the Vulnerability Summary for the Week of July 21, 2025 published by CISA. This bulletin lists 176 new vulnerabilities discovered that week. In this article, I present all these vulnerabilities in a factual and structured manner, organized by affected product or vendor. For each product, you’ll find the CVE identifier, CVSS severity…
Projects & Governance
The Pomodoro Technique in a CERT/CSIRT Environment: My Field Experience
I remember a typical morning in our CERT team: a hundred alerts were already piling up in the SIEM console, my phone was flashing with urgent messages, and a critical incident report still needed to be finalized. Staying focused in this chaos was a constant challenge. It was in this high-pressure context that I decided…
CTI & OSINT
How the MIKRONET Toolkit Compromises MikroTik Routers
I adapted this article from my LinkedIn newsfeed to highlight not only a new cyber threat but also a brilliant cybersecurity researcher: Ms. Tammy HARPER. She published a detailed article on July 10, 2025, exposing a new exploitation framework named MIKRONET that has been put up for sale on Russian-speaking forums. Sold for $2,800 per…
CTI & OSINT
The Interlock Ransomware and the Joint Cybersecurity Advisory of July 22, 2025
I am revisiting the advisory published on July 22, 2025, in which several U.S. and North American government agencies issued a joint cybersecurity advisory regarding the Interlock ransomware, specifically targeting businesses and critical infrastructure across North America and Europe. This advisory stems from recent investigations conducted by the Federal Bureau of Investigation (FBI), the Cybersecurity…