Research, News, and Perspectives

Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report

This blog entry highlights the threats that dominated the first six months of the year, which we discussed in detail in our midyear cybersecurity roundup report, “Defending the Expanding Attack Surface.”

Research Aug 31, 2022

Ransomware

New Golang Ransomware Agenda Customizes Attacks

A new ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and Africa. This ransomware is called Agenda and is customized per victim.

Research Aug 25, 2022

Ransomware

Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus

We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware.

Research Aug 24, 2022

Cloud

Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows.

Aug 17, 2022

Malware

Protecting S3 from Malware: The Cold Hard Truth

Cloud object storage is a core component of any modern application, but most cloud file storage security is insufficient.

Security Strategies Aug 17, 2022

Cloud

What Exposed OPA Servers Can Tell You About Your Applications

This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applications’ overall security.

Research Aug 16, 2022

Cyber Threats

Oil and Gas Cybersecurity: Recommendations Part 3

In the final part of our series, we look at the APT33 case study and several recommendations from our expert team.

Research Aug 15, 2022

Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users

We found APT group Iron Tiger's malware compromising chat application Mimi’s servers in a supply chain attack.

Aug 12, 2022

Cyber Threats

Oil and Gas Cybersecurity: Threats Part 2

In part two of our oil and gas series, we look at more threats that can expose the industry to cyberattacks.

Aug 11, 2022

Malware

CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies

We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension.

Aug 11, 2022

Explore the Cyber Risk Index (CRI)

Research, News, and Perspectives

Trending Topics