Research, News, and Perspectives

APT & Targeted Attacks

Earth Preta’s Cyberespionage Campaign Hits Over 200

We present a case study of the cyberespionage efforts by Earth Preta. This study on an active campaign delves into the structure, goals, and requirements of the organizations involved, and provides an opportunity to conduct wider intelligence analysis and insights in the development of effective countermeasures.

Mar 27, 2023

APT & Targeted Attacks

Pack it Secretly: Earth Preta’s Updated Stealthy Strategies

Earth Preta has actively been changing its tools, tactics, and procedures (TTPs) to bypass security solutions. In this blog entry, we will introduce and analyze the tools and malware used by the threat actor in its most recent campaigns.

Research Mar 23, 2023

Exploits & Vulnerabilities

Patch CVE-2023-23397 Immediately: What You Need To Know and Do

We break down the basic information of CVE-2023-23397, the zero-day, zero-touch vulnerability that was rated 9.8 on the Common Vulnerability Scoring System (CVSS) scale.

Mar 21, 2023

Cyber Threats

S4x23 Review Part 3: Healthcare Cybersecurity Sessions

This article focuses on the healthcare sector. Over the past two years, the healthcare sector has been in a constant state of emergency due to the COVID-19 pandemic, and as widely reported in the media, it has also been threatened by cyberattacks such as ransomware.

Security Strategies Mar 20, 2023

Cyber Threats

Making the digital world safer, one Tesla at a time

Contestants gather at Pwn2Own Vancouver to showcase their skills and uncover vulnerabilities

S4x23 Review Part 2: Evolving Energy Cybersecurity

In this second report on S4x23 held last February, this article introduces the discussion on cyber security in the energy industry, which was one of the topics that attracted attention.

Security Strategies Mar 13, 2023

Malware

Emotet Returns, Now Adopts Binary Padding for Evasion

Following a three-month hiatus, Emotet spam activities resumed in March 2023, when a botnet known as Epoch 4 began delivering malicious documents embedded in Zip files that were attached to the emails.

Research Mar 13, 2023

Ransomware

Examining Ransomware Payments From a Data-Science Lens

In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups' ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.”

Research Mar 09, 2023

Cyber Threats

Expanding Attack Blueprints: 2022 Annual Cybersecurity Report

In this blog entry, we shine a spotlight on some of the most critical cybersecurity concerns of 2022, which we discuss in full in our annual cybersecurity report, “Rethinking Tactics: 2022 Annual Security Report.”

Reports Mar 07, 2023

Cyber Threats

S4x23 Review Part 1: What's New in OT Security

This blog introduces discussions from S4x23, the ICS security conference in Miami over several posts. The first installment will cover two topics from the academic interviews.

Security Strategies Mar 03, 2023

Explore the Cyber Risk Index (CRI)

Research, News, and Perspectives

Trending Topics