Tag: CTI

  • Demystifying SQL Injection and Database Security 

    Demystifying SQL Injection and Database Security 

    Structured Query Language or SQL is a programming language designed for creating, manipulating, and processing information stored in a relational database. These are made up of tables where information is stored and accessed using rows and columns to represent different data attributes and relationships. These databases are ubiquitous; even though we, the users, may not interact… Read more

  • Eldorado: The Golden City of Ransomware-as-a-Service (RaaS) 

    Eldorado: The Golden City of Ransomware-as-a-Service (RaaS) 

    In today’s rapidly evolving technological landscape, new cybercriminal threats are emerging alongside innovations. A ransomware group named Eldorado recently surfaced and, within a few months, successfully breached 16 companies worldwide, including in the United States. This malware poses a threat to both Windows and Linux systems, demonstrating that anyone can be a victim. Eldorado is… Read more

  • OpenAI and Apple’s Foray into Artificial Intelligence: New Products and Innovations

    OpenAI and Apple’s Foray into Artificial Intelligence: New Products and Innovations

    Artificial intelligence (AI) is driving industry, innovation and human interaction in extraordinary ways – and some of the leading organizations driving this revolution are OpenAI and Apple. Yet, the two companies have made significant strides in developing AI, and there are major disparities between the two companies’ AI developments and what they are ultimately focused… Read more

  • DISGOMOJI: Not A Dance Move 

    DISGOMOJI: Not A Dance Move 

    A sophisticated malware targeting Linux servers with emojis as the form of execution, DISGOMOJI has emerged attributed to none other than the threat actor UTA0137. Utilized as part of a cyber-espionage campaign by the Pakistan-based actor, follow along as we dive into what exactly emojis have to do with Linux servers and how these state… Read more

  • Safeguarding Your Digital Gateways and APIs

    Safeguarding Your Digital Gateways and APIs

    Application Programming Interfaces or APIs are the mechanisms by which different software and applications can communicate with one another. APIs are a core component of the web-based applications that power our world today. They can be found in everything from weather apps to healthcare technologies to every smart device on the market. For as many… Read more

  • Preview Pane Attacks 

    Preview Pane Attacks 

    In today’s digital landscape, cybersecurity threats are evolving rapidly, and one of the more insidious methods attackers use to infiltrate systems is through preview pane attacks. These attacks leverage vulnerabilities in software that display previews of content, such as emails or documents, without fully opening them. In this blog post, we’ll delve into preview pane… Read more

  • Who is DefendEdge’s Co-Founder?

    About Lewis Borsellino:  Lewis is renowned for his incredibly successful trading career and has over 20 years of expertise in the international finance and risk management market. Borsellino prevailed in some of the largest and most dynamic markets, including Eurodollars and S&P futures. As a member of the Chicago Mercantile Exchange, he was referred to… Read more

  • Shadow AI vs. Shadow IT

    Within the corridors of modern enterprises, a lesser-known dichotomy lurks in the shadows: the juxtaposition of Shadow Artificial Intelligence (AI) and Shadow Information Technology (IT). These clandestine counterparts represent both the promise and peril of technological autonomy, each possessing the potential to revolutionize workflows or disrupt established protocols. Follow along as we illuminate the path… Read more

  • Unraveling Living off the Land Cyber Attacks 

    The idea of a cyber attack conjures up many ideas in peoples’ minds. It is easy to imagine the attacks that make headlines: companies paying millions of dollars to ransomware gangs, massive DDoS attacks rendering websites inaccessible, or data breaches that compromise droves of sensitive records. These attacks are loud. The attacker wants you to… Read more

  • Royal Tiger – The First Officially Designated Robocall Threat Actor

    On Monday, May 13th, the Federal Communications Commission (FCC) officially named its first robocall threat actor group,’ Royal Tiger’. This move goes along with the FCC’s new robocall bad actor classification system, Consumer Communications Information Services Threat (C-CIST). This system aims to assist law enforcement and industry partners with tracking threat actors behind robocall campaigns.  Royal Tiger is comprised of members operating… Read more