Research

Using MITRE ATT&CK to Identify an APT Attack

We analyzed the tools, relationships, and behaviors used in a long-standing intrusion of a company after its security team observed malicious C&C traffic.

PAGES:
1
2
3
4
5
6
7
8
9
...
14

Exploiting AI: How Cybercriminals Misuse and Abuse AI and ML
We discuss the present state of the malicious uses and abuses of AI and ML and the plausible future scenarios in which cybercriminals might abuse these technologies for ill gain.
Read more
Supply Chain Attacks in the Age of Cloud Computing: Risks, Mitigations, and the Importance of Securing Back Ends
A critical asset that enterprises should give careful security consideration to is their back-end infrastructure which, if compromised, could lead to supply chain attacks.
Read more
Operation Earth Kitsune: Tracking SLUB’s Current Operations
A watering hole campaign we dubbed as Operation Earth Kitsune is spying on users’ systems through compromised websites. Using SLUB and two new malware variants, the attacks exploit vulnerabilities including those of Google Chrome and Internet Explorer.
Read more
Inside the Bulletproof Hosting Business: Cybercriminal Methods and OpSec
Bulletproof hosting (BPH) services have long been crucial parts of the cybercriminal infrastructure. How do they protect malicious activities, and how do cybercriminals use them to stay in business?
Read more
Securing Enterprise Security: How to Manage the New Generation of Access Control Devices
Given the increasing use by enterprises of contactless security solutions, the security of the devices that themselves are meant to control access to premises should be of prime consideration.
Read more
Commodified Cybercrime Infrastructure: Exploring the Underground Services Market for Cybercriminals
The provision of services, as well as the way criminals operate in the underground, have gone through many changes over the years to cater to the market’s different infrastructure demands.
Read more
The Cybersecurity Blind Spots of Connected Cars
Connected cars face a range of ever-increasing and ever-progressing cyberthreats. Our forward-looking research provides an in-depth examination of the risks connected cars might run into.
Read more
Shedding Light on Security Considerations in Serverless Cloud Architectures
Serverless computing is not immune to risks and threats. Our security research provides a comprehensive analysis of the possible attack scenarios that could compromise serverless services and deployments.
Read more
Lost in Translation: When Industrial Protocol Translation goes Wrong
This research paper looks at protocol gateways, which translate various protocols used by different industrial devices and machinery, and provides insight into the security issues and vulnerabilities found in these devices as well as ways to secure them.
Read more

PAGES:
1
2
3
4
5
6
7
8
9
...
14