Threat Actor Profile: APT29
APT29, also known as Cozy Bear, is a Russian hacker group believed to be affiliated with one or more Russian intelligence agencies. The group has been operating for the Russian…
Insecure Direct Object References (IDOR): A Deep Dive into the #1 Vulnerability Found by Penetration Testers in 2023
Insecure Direct Object References (IDOR) vulnerabilities have been a consistent thorn in the side of web application security. In 2023, it was identified as the top vulnerability discovered by penetration…
Top 10 Vulnerabilities and Misconfigurations Found by Pen Testers in 2023
In the ever-evolving landscape of cybersecurity, it is crucial to stay updated with the latest vulnerabilities and misconfigurations that threat actors exploit. This article provides a detailed overview of the…
Unchecked Privileges: The Risks of Third-Party Windows Installers
In a recent blog post, the cybersecurity firm Mandiant highlighted the potential risks associated with third-party Windows installers. The post emphasizes how threat actors can exploit these installers…
SmokeLoader Malware: A Deep Dive into UAC-0006’s Polyglot Attack
In the ever-evolving landscape of cyber threats, the UAC-0006 threat actor group has recently resurfaced with a new wave of attacks. This time, they're deploying the SmokeLoader malware through a…
CERT-UA Unveils Escalation in Cyberattacks: An In-Depth Analysis
In a recent report, the Computer Emergency Response Team of Ukraine (CERT-UA) has highlighted a significant increase in cyberattacks against the country’s civil infrastructure websites, particularly those of government agencies…
MITRE Engenuity Introduces Threat Report ATT&CK Mapper (TRAM)
MITRE Engenuity's Centre for Threat-Informed Defence has developed a new open-source platform, the Threat Report ATT&CK Mapper (TRAM). TRAM is designed to advance research into automating the mapping of cyber…
APT41 Hackers Unleash WyrmSpy and DragonEgg Spyware on Android Users
The notorious APT41 hacking group, known for their extensive cyber-espionage operations, has turned their attention to Android devices, deploying two newly discovered spyware strains, WyrmSpy and DragonEgg. These strains, discovered…
GitHub warns of Lazarus hackers targeting devs with malicious projects
GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their devices with malware. Source: GitHub…
MOVEit body count closes in on 400 orgs, 20M+ individuals
‘One of the most significant hacks of recent years,’ we’re told
The number of victims and costs tied to the MOVEit file transfer hack continues to climb as the fallout…