Our research provides a detailed analysis of the new tools and techniques used by Earth Baku in its cyberespionage campaign against organizations in the Indo-Pacific region.
Our two-year research provides insights into the life cycle of exploits, the types of exploit buyers and sellers, and the business models that are reshaping the underground exploit market.
We analyzed the tools, relationships, and behaviors used in a long-standing intrusion of a company after its security team observed malicious C&C traffic.
Many work-from-home employees use devices for personal and business purposes in home networks that are not as secure as that of the office. This article discusses the threats to unsecure IoT apps and provides ways to secure them.
We take a closer look at an emerging underground market that is driven by malicious actors who sell access to a gargantuan amount of stolen data, frequently advertised in the underground as “cloud of logs."
Bulletproof hosting (BPH) services have long been crucial parts of the cybercriminal infrastructure. How do they protect malicious activities, and how do cybercriminals use them to stay in business?
The provision of services, as well as the way criminals operate in the underground, have gone through many changes over the years to cater to the market’s different infrastructure demands.
Underground platforms are part of a mature ecosystem for trading cybercrime goods and services. How does a capable hosting infrastructure allow illicit activities to thrive?
As cybercriminals compete for dominance in their bid to create powerful botnets, users can make their own stand against warring sides by understanding how botnet malware works and securing their devices.
The DRBControl campaign attacks its targets using a variety of malware and techniques that coincide with those used in other known cyberespionage campaigns.