The UK Further and Higher Education sectors are increasingly becoming targets for cyber-attacks. These attacks range from opportunistic ransomware operations to more sophisticated Advanced Persistent Threat (APT) groups. This report…
APT28, also known as Fancy Bear, Pawn Storm, Strontium, Sofacy, Sednit, and Tsar Team, is a highly sophisticated threat actor that has been active since at least 2007. This group…
Introduction APT31 (also known as Zirconium or Judgment Panda) is an Advanced Persistent Threat group whose mission is likely to gather intelligence on behalf of the Chinese government. Similar to…
In the recently released “Threat Intelligence Report 2023” by Nokia, the company provides an in-depth analysis of the current cybersecurity landscape, particularly focusing on telecom networks and customer data. The…
Managed File Transfer (MFT) solutions are essential tools for businesses to securely transfer sensitive data. However, like any software, they can be vulnerable to exploits if not properly managed and…
Online and at conferences, people ask me how to get started in threat intel. What I usually offer as advice to budding analysts starting out is to practise analysing things…
The Evasive Panda Advanced Persistent Threat (APT) group, also known as BRONZE HIGHLAND and Daggerfly, has been active since at least 2012. This Chinese-speaking APT group has been conducting cyberespionage…
Insider threats are a significant cybersecurity risk that originates from within an organisation. These threats can come from current or former employees, contractors, or anyone else with intimate knowledge of…
APT30, also known as APT-C-30, is a China-based cyber espionage group that has been active since at least 2005. The group has targeted multiple industries, including the aerospace, government, defense,…
APT29, also known as Cozy Bear, is a Russian hacker group believed to be affiliated with one or more Russian intelligence agencies. The group has been operating for the Russian…