Managed 24×7 Cyber Threat Detection and Response in OT/ICS
Industrial Control Systems (ICS) and Operational Technology (OT) play a critical role in the functioning of essential industries such as […]
Emotet Epoch 5
The notorious Emotet malware has returned with a new tactic to evade macro-based security restrictions and infect systems. This time, […]
The Emotet Botnet Epoch4: A Highly Sophisticated and Dangerous Malware Campaign
Emotet is one of the most sophisticated and dangerous malware families currently in existence. It is a modular banking Trojan […]
Digital Risk Management – Threat Hunting for Secrets, Keys and Leaked Source Code on Github
Digital Risk Management (DRM) is the procedure of locating, evaluating, and minimizing hazards to a company’s digital assets. Background: Many firms have […]
ManageEngine RCE Vulnerability (CVE-2022-47966)
A remote code execution vulnerability (CVE-2022-47966) impacting a number of Zoho ManageEngine on-premise products with SAML SSO enabled has been […]
OWASSRF Exploit – Targeting Arbitrary Code Execution on Microsoft Exchange OWA
Two zero-day vulnerabilities in Microsoft Exchange were reportedly being actively exploited on September 29, 2022, with the potential to lead […]
Detecting Rogue Devices on Enterprise Network
Organizations rely on wired networks in today’s hyperconnected environment to link devices and facilitate internal communication. However, it has become […]
Protecting VMware ESXi Hypervisors from Ransomware
One of the top platforms in the virtualization sector is VMware. Organizations can more effectively use the computing power of […]
Wi-Fi Security – Monitoring Hacking Attempts
Wired Ethernet is no longer the best option for many enterprises. The preferred network access technology for users and endpoints […]
2022 is Over But What Did We Learn From Our Work
Throughout the year, numerous new incidents and rising threats were unveiled to the horror of many. In 2022, the world […]
Why Are Threat Actors Now Using Rust to Develop New Ransomware?
Rust, a relatively new programming language, was introduced in 2015 and has since gained popularity for its pleasant developer experience […]
Methods to Perform Encrypted Traffic Analysis (ETA)
In addition to considerably enhancing security and user privacy, the introduction of network traffic encryption, such as TLS, has also […]
Why Compromise Assessment Should Be a Part of Your Threat Detection and Response Ecosystem
A typical compromise assessment plan uses specialized software and scripts combined with forensic data to find compromises or problems that […]
WIP19 APT Targeting Organizations in Middle East
With signed malware, a new cyberespionage group has been hitting telecom companies and IT service providers. The group, known as […]
Using Steganography to Hide Malware – Witchetty APT Case Study
Steganography has been used in the real world on the Windows and macOS operating systems. Attackers have been detected to […]
The Evolution of SideWinder APT and their Modus-Operandi
A suspected Indian threat actor group, Sidewinder, has been operating at least since 2012. They have been seen attacking businesses, […]
Opera1er APT Group Targeting Banks, Financial Institutes, and Mobile Operators across Africa, Asia and LATAM
Since 2016, OPERA1ER, also known as DESKTOP-GROUP, Common Raven, and NXSMS, has been reported to operate with the intention of […]
Royal Ransomware
Royal has been in existence since at least the beginning of 2022, making it a relatively new business. The goal […]
How to Detect Typosquatting using DNSTwist
Typosquatting is a social engineering attack in which a threat actor registers domains with purposefully misspelled versions of well-known companies’ […]
Ursnif/Gozi Malware Evolution and Associated IoC
Gozi is a powerful piece of malware with a wide range of intricate characteristics. It began as a basic banking […]
Detecting Cyber-Attacks on Kubernetes Environment
Kubernetes is a container orchestration system that acts as a management abstraction layer. It is an open-source system that aids […]
An overview of FIN11 and their motivations
FIN11, a financially driven threat group, has run some of the most extensive and longest-running malware dissemination campaigns. Researchers have […]
Alert Advisory: Insight into APT29
Threat group APT29 is allegedly operated by Russia’s Foreign Intelligence Service (SVR). They have been active since 2008 and frequently […]
Alert Advisory: Insight into APT42
APT42 is a state-sponsored cyber espionage group in Iran. The gang, which has been active at least since 2015, is […]