Evading SIEM Rules – Academic Paper
The recent paper, “You Cannot Escape Me: Detecting Evasions of SIEM Rules in Enterprise Networks” highlights the ongoing battle in cybersecurity between attackers’ evasion tactics and the defenders’ efforts to…
LummaC2, a notorious malware-as-a-service (MaaS), has developed sophisticated evasion techniques to circumvent security measures and exfiltrate sensitive data from compromised systems. The malware, written in C, has been operational since…
The NetSupport RAT has emerged as a significant cyber threat, exploiting legitimate remote administration tools for malicious purposes. This report provides an in-depth analysis of recent incidents, targets, and the…
Recent academic research has uncovered a significant vulnerability in Secure Shell (SSH) servers, a widely used protocol for secure communication in tasks like remote system access, file transfers, and system…
APT29, a Russian hacker group, has strategically employed the CVE-2023-38831 vulnerability in WinRAR in a series of cyberattacks targeting embassies. Known for its various aliases, including Cozy Bear and SolarStorm,…
Morgan Stanley, a renowned multinational investment bank and financial services company, has been fined $6.5 million due to insecure disposal of hardware containing unencrypted personal information, exposing millions of customers…
The LockBit ransomware group has emerged as a formidable cyber threat, targeting large corporations and disrupting global operations. This blog post delves into the recent activities of LockBit, highlighting their…
The LockBit ransomware group has restructured its negotiation methods, addressing declining ransom payments. The lack of standard negotiation protocols previously led to varied results, with many victims opting not to pay.…
The British Museum, a renowned cultural institution in the UK, suffered a significant cyberattack in late October 2023. The attack resulted in a major IT outage, disrupting essential services. This…
Boeing, a renowned aerospace company, recently fell victim to a cybersecurity incident perpetrated by the LOCKBIT ransomware group. The attack, which came to light in late October 2023, is a…