Our news

  • From 4chan Trolling to Hacktivism

    2003: Origins on 4chan Before the online collective of Hacktivists came to be known as Anonymous, their beginnings could be traced to a group of internet trolls on the once popular imageboard website, 4chan. It was here that users would conglomerate and share images alongside the infamous “Green Text”, comments saying any number of vicious…

    READ MORE

  • Click Here! Malvertising and its Effective Manipulation

    “WARNING! Your iPhone is infected with virus and immediate urgent action is required!” – this was the pop-up that displayed itself on the face of Andrew Reed’s phone. A pop-up that was invoked because of an unintentional click to a website link that was displayed at the top of Google’s search results for “Cookie Recipes”.…

    READ MORE

  • Vulnerability Summary for the Week of March 17, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Synology–Unified Controller (DSMUC)  Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the system via unspecified…

    READ MORE

  • Supply Chain Compromise of Third-Party GitHub Action, CVE-2025-30066

    A popular third-party GitHub Action, tj-actions/changed-files (tracked as CVE-2025-30066), was compromised. This GitHub Action is designed to detect which files have changed in a pull request or commit. The supply chain compromise allows for information disclosure of secrets including, but not limited to, valid access keys, GitHub Personal Access Tokens (PATs), npm tokens, and private…

    READ MORE

  • Vulnerability Summary for the Week of March 10, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1E–1E Client  Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links. 2025-03-12…

    READ MORE

  • CISA Releases Thirteen Industrial Control Systems Advisories

    CISA released thirteen Industrial Control Systems (ICS) advisories on March 13, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-072-01 Siemens Teamcenter Visualization and Tecnomatrix Plant Simulation ICSA-25-072-02 Siemens SINEMA Remote Connect Server ICSA-25-072-03 Siemens SIMATIC S7-1500 TM MFP ICSA-25-072-04 Siemens SiPass integrated AC5102/ACC-G2 and ACC-AP ICSA-25-072-05 Siemens…

    READ MORE

  • #StopRansomware: Medusa Ransomware

    Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see…

    READ MORE

  • Russia’s Persistent Threat to Cyberspace

    Evidence from 2017-2025 Recently, there has been a surprising question circulating: ‘Is Russia a threat to the United States?’ The short answer is yes, and we will explain why—starting with the history of attacks carried out by Russian threat actors.  In May 2024, a Russian-linked ransomware attack paralyzed a major U.S. energy provider, plunging thousands…

    READ MORE

  • CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware

    Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC)—released joint Cybersecurity Advisory, #StopRansomware: Medusa Ransomware. This advisory provides tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and detection methods associated with known Medusa ransomware activity. Medusa is a ransomware-as-a-service variant used to conduct ransomware attacks;…

    READ MORE

  • Vulnerability Summary for the Week of March 3, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info n/a–n/a  Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially crafted HTTP POST request. 2025-03-04 10 CVE-2024-50704 n/a–n/a  Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute…

    READ MORE