ASEC Blog publishes Ransom & Dark Web Issues Week 5, October 2024: Data from the famous Saudi Arabian company Ajlan Bros Holding leaked on BreachForums; New ransomware ‘PlayBoy’ discovered; Dutch...
Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that...
Introduction: This CTI Research Guide aims to help practitioners learn more about how to effectively perform the collection, processing, analysis, and production stages of the CTI lifecycle. It...
As industrial systems expand and become more connected, risk-based vulnerability management has become a cornerstone of OT cybersecurity. This approach... The post 5 Reasons Why Risk-Based...
In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign. The post Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware...
In a world run by advertising, businesses and organizations are not the only ones using this powerful tool. Cybercriminals have a knack for exploiting the engine that powers online platforms by...
Cryptocurrency enthusiasts have been the target of another sophisticated and invasive malware campaign. This campaign was orchestrated through multiple attack vectors, including a malicious Python...
This blog will demonstrate the practice and methodology of reversing BugSleep’s protocol, writing a functional C2 server, and detecting this traffic with Snort.
Have you ever googled yourself? Were you happy with what came up? If not, consider requesting the removal of your personal information from search results.
Researchers observed an attacker exploiting CVE-2024-38094—a vulnerability in Microsoft SharePoint. The attacker gained unauthorized access, escalated privileges, and moved laterally across the...
Research uncovered an operation named EMERALDWHALE that compromised over 15,000 cloud service credentials by exploiting exposed Git configurations and other misconfigured web services. The attack...
Bug bounty is great for finding bugs that stem across multiple products at a company that have massive impact. This is one of those vulnerabilities on Electronic Arts. At the beginning of the...
The following is the information on Yara and Snort rules (week 5, October 2024) collected and shared by the AhnLab TIP service. 5 YARA Rules Detection name Description Source PK_EDD_prncpal...
Explore the essential role of Cyber Threat Intelligence (CTI) in understanding and mitigating cybersecurity threats - detailing its types, processes, and effective implementation in enhancing...
You may not always stop your personal information from ending up in the internet’s dark recesses, but you can take steps to protect yourself from criminals looking to exploit it
In a previous post, the author broke the firmware encryption that was using Wireless Trusted Module (WSM) on a printer. This time, they target WSM itself. They didn't have a root shell on the...
Lexmark is a common printer brand that the author had looked at before. In a recent update, the Firmware encryption process was changed so they decided to take a look at it after being nudged from...
Chatbots on websites are becoming more and more popular. They usually come in three flavors: GenAI bot fed customer data to answer questions, simple FAQ on internal and external information and a...
Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat...
Wiz extends its cloud-native runtime sensor to secure serverless containers, providing deep visibility, blocking, and hunting capabilities for AWS Fargate and Azure Container Apps.
In September 2024, Google Threat Intelligence Group (consisting of Google’s Threat Analysis Group (TAG) and Mandiant) discovered UNC5812, a suspected Russian hybrid espionage and influence...
As methane emissions come under heightened global scrutiny, learn how a state-of-the-art satellite can pinpoint their sources and deliver the insights needed for targeted mitigation efforts
ESET researchers discovered a previously undocumented toolset used by Evasive Panda to access and retrieve data from cloud services
Drone footage captured on September 4, 2024, shows damage and destruction in the Ukrainian city of Vovchansk. Credit: Handout/Armed Forces of Ukraine/AFP “I don’t have enough fingers...
Key Takeaways. The DFIR Report Services: Reports such as this one are part of our All Intel service and are categorized as Threat Actor Insights. Private Threat Briefs: Over 20 …
Discover how we use gamified training at Recorded Future. Engaging exercises simulate real-world threats, boosting employee preparedness and teamwork
Security researcher Anurag Sen discovered an unprotected Amazon Prime database containing pseudonymized viewing data, accessible from the internet without a password. Named "Sauron," the...
Trump campaign immediately blamed Biden White House and Kamala Harris for Chinese government-linked hack. Chinese government-linked hackers are believed to have targeted phones used by Donald Trump...