Volexity

VerdantBamboo: Just Another BRICKSTORM in the Firewall (opens in new tab)

Covered by 8 sources See all sources covering this story including BleepingComputer, This Week In 4n6

In September 2025, Volexity conducted an incident response engagement that began after suspicious network traffic was observed from a Linux-based virtual machine appliance on a customer’s network. The virtual machine was an Egnyte Storage Sync system, which is designed to facilitate sync local on-premise files with the cloud. Volexity discovered that instead of connecting to a domain affiliated with Egnyte, the appliance was connecting to a threat-actor-controlled domain behind Cloudflare IP ...

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 8 articles

BleepingComputer·

Chinese APT deploys new malware to keep access to hacked networks

Discussed on r/SecOpsDaily
Feeds
This Week In 4n6·

Week 23 – 2026

Feeds
The Hacker News·

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

Feeds
View all 8 ›

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help