News & Updates
- June 14, 2022We examine Azure’s Managed Identities service and its security capability in a threat model as developers’ go-to feature for managing secrets and credentials.
- May 24, 2022Our research uncovers the tools and techniques used by Earth Berberoka across different platforms to target online gambling sites.
LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups: Ransomware in Q1 2022May 23, 2022This report delves into the ransomware threat landscape of the first quarter of 2022, with a focus on the three most successful ransomware families and the types of industries and organizations that were affected by their attacks.
- May 17, 2022RansomEXX is a ransomware variant that gained notoriety after a spate of attacks in 2020 and continues to be active today. With its targeted nature and history for choosing high-profile victims, we shine our spotlight on RansomEXX to reveal its tactics, techniques, and procedures.
- May 12, 2022After looking at offerings by cloud service providers (CSPs), we examined the possibilities of using a more secure serverless environment by running a custom container.
Abusing Argo CD, Helm, and Artifact Hub: An Analysis of Supply Chain Attacks in Cloud-Native ApplicationsMay 05, 2022We provide an overview of cloud-native tools and examine how cybercriminals can exploit their vulnerabilities to launch supply chain attacks.
- May 04, 2022We looked into Azure App Services and created a threat model to mitigate the impact of threats on the infrastructure and applications.
- April 26, 2022Our research examines how cloud tunneling services work and how organizations can thwart threats that abuse them.
- April 19, 2022The Data Distribution Service (DDS) standard drives thousands of systems every day as a middleware component for machine-to-machine communication with real-time requirements.