Research
- We analyzed the tools, relationships, and behaviors used in a long-standing intrusion of a company after its security team observed malicious C&C traffic.We discuss the present state of the malicious uses and abuses of AI and ML and the plausible future scenarios in which cybercriminals might abuse these technologies for ill gain.A critical asset that enterprises should give careful security consideration to is their back-end infrastructure which, if compromised, could lead to supply chain attacks.A watering hole campaign we dubbed as Operation Earth Kitsune is spying on users’ systems through compromised websites. Using SLUB and two new malware variants, the attacks exploit vulnerabilities including those of Google Chrome and Internet Explorer.Bulletproof hosting (BPH) services have long been crucial parts of the cybercriminal infrastructure. How do they protect malicious activities, and how do cybercriminals use them to stay in business?Given the increasing use by enterprises of contactless security solutions, the security of the devices that themselves are meant to control access to premises should be of prime consideration.The provision of services, as well as the way criminals operate in the underground, have gone through many changes over the years to cater to the market’s different infrastructure demands.Connected cars face a range of ever-increasing and ever-progressing cyberthreats. Our forward-looking research provides an in-depth examination of the risks connected cars might run into.