Category: Cyber Threat Intelligence
-
Emerging Threat Review: Storm-0324 & Sangria Tempest
The newest set of tactics, techniques, and procedures (TTPs) from Storm-0324, otherwise known as DEV-0324, reveals their use of Microsoft Teams to deliver malware through phishing messages and attachments. With corporate networks within their reach, this new evolution raises concerns for companies utilizing Microsoft Teams for day-to-day communications. Analysis: A publicly available Python-based tool known as… Read more
-
Understanding 2FA vs MFA: A Layered Approach to Cybersecurity
In today’s digital landscape, ensuring robust security measures is paramount. With the ever-increasing sophistication of cyber threats, businesses and individuals alike must adopt rigorous authentication protocols. Two primary methods that stand out are Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA). While they are often used interchangeably, understanding their nuances is crucial for implementing the most… Read more
-
Demystifying SQL Injection and Database Security
Structured Query Language or SQL is a programming language designed for creating, manipulating, and processing information stored in a relational database. These are made up of tables where information is stored and accessed using rows and columns to represent different data attributes and relationships. These databases are ubiquitous; even though we, the users, may not interact… Read more
-
Eldorado: The Golden City of Ransomware-as-a-Service (RaaS)
In today’s rapidly evolving technological landscape, new cybercriminal threats are emerging alongside innovations. A ransomware group named Eldorado recently surfaced and, within a few months, successfully breached 16 companies worldwide, including in the United States. This malware poses a threat to both Windows and Linux systems, demonstrating that anyone can be a victim. Eldorado is… Read more
-
OpenAI and Apple’s Foray into Artificial Intelligence: New Products and Innovations
Artificial intelligence (AI) is driving industry, innovation and human interaction in extraordinary ways – and some of the leading organizations driving this revolution are OpenAI and Apple. Yet, the two companies have made significant strides in developing AI, and there are major disparities between the two companies’ AI developments and what they are ultimately focused… Read more
-
DISGOMOJI: Not A Dance Move
A sophisticated malware targeting Linux servers with emojis as the form of execution, DISGOMOJI has emerged attributed to none other than the threat actor UTA0137. Utilized as part of a cyber-espionage campaign by the Pakistan-based actor, follow along as we dive into what exactly emojis have to do with Linux servers and how these state… Read more
-
Safeguarding Your Digital Gateways and APIs
Application Programming Interfaces or APIs are the mechanisms by which different software and applications can communicate with one another. APIs are a core component of the web-based applications that power our world today. They can be found in everything from weather apps to healthcare technologies to every smart device on the market. For as many… Read more
-
Preview Pane Attacks
In today’s digital landscape, cybersecurity threats are evolving rapidly, and one of the more insidious methods attackers use to infiltrate systems is through preview pane attacks. These attacks leverage vulnerabilities in software that display previews of content, such as emails or documents, without fully opening them. In this blog post, we’ll delve into preview pane… Read more
-
Cybersecurity and Cryptocurrency: Safeguarding Digital Assets in 2024
The emergence of cryptocurrency — decentralized, digital alternatives to fiat money ― is changing the ways in which we perform financial transactions. Yet through the proliferation of cryptocurrencies, come greater than ever security concerns. With the invention of cryptocurrencies, cyber-related incidents such as hacking, and fraud have also become commonplace. To anticipate these security issues,… Read more
-
Shadow AI vs. Shadow IT
Within the corridors of modern enterprises, a lesser-known dichotomy lurks in the shadows: the juxtaposition of Shadow Artificial Intelligence (AI) and Shadow Information Technology (IT). These clandestine counterparts represent both the promise and peril of technological autonomy, each possessing the potential to revolutionize workflows or disrupt established protocols. Follow along as we illuminate the path… Read more