Research
- Our research identifies sensitive environmental variables in the Microsoft Azure environment that, when leaked, can be used by malicious actors to compromise the entire serverless environment.Our research paper shows how decision-makers that are in a position to affect ransomware at scale – including policy-makers and industry leaders – can use data-science approaches to understand ransomware risk holistically and build cybersecurity strategies that can affect the ransomware ecosystem as a whole.In this report, we examine how these low-level threats have evolved through the years and discuss the three types of low-level threats that affect Windows systems. The categorization of more than 60 of the most noteworthy Windows low-level threats observed in the wild from 2015 to 2022 and where these threats stand in today’s threat landscape are discussed.Our research looks at the potential evolutions and revolutions in the current ransomware landscape based on significant triggers and catalysts. We highlight the specific developments (triggers) that could cause gradual changes (evolutions) before sparking more drastic transformations (revolutions).Unlike traditional legacy trust models where security is not always present in all cases, Zero Trust revolves around an ”always-on everywhere” approach.The technological leaps of the Fourth Industrial Revolution may have made production machinery more efficient, but these have also put manufacturers in the crosshairs of cybercriminals. Our research tackles the risks that computer numerical control (CNC) machines now face as they’re integrated into today’s networked factories.The photos, videos, and audio posts we put online expose sensitive biometric patterns that can be abused by cybercriminals. These patterns are virtually unchangeable and can be used now or in future attacks.Our research on APT group Earth Aughisky (aka Taidoor) lists the observed malware, connections, and developments attributed to the group. We also include our insights on the possible implications of changes in the organization's activities for their current and future victims.