Threat actors continue to utilise call-back phishing to obtain initial access to corporate networks
Over the past week, we have observed the continued use of call-back phishing as a means of obtaining initial access to corporate networks. In this [ ... More Here > ]
Cybercriminals reaffirm tendency to capitalise on seasonal events
Our reporting this week reaffirms cybercriminals’ tendency to capitalise on seasonal events. At least seven cybercriminal groups are responsible for a surge in TrojanOrders compromises of e-commerce [ ... More Here > ]
Cybercriminals continue to diversify their malware arsenal to gain access to target networks
Our threat intelligence this week highlights that cybercriminals continue to diversify their malware arsenal to gain access to target networks. A new version of the [ ... More Here > ]
October 2022 sees largest quantity of assets stolen via cryptocurrency platforms so far
Our threat intelligence this week focuses on the continued trend of cryptocurrency theft operations, as October has seen the largest total sum of assets stolen [ ... More Here > ]
Ransomware groups retarget Healthcare sector post-pandemic using ‘double extortion’ technique
Our threat intelligence this week highlighted the continued targeting of the healthcare sector by ransomware groups. An advisory issued by the Cybersecurity and Infrastructure Security Agency, [ ... More Here > ]
New OpenSSL Critical Vulnerability – What you need to know
The OpenSSL organisation has announced patch 3.0.7, which will be released on November 1st 2022, between 13:00 and 17:00 UTC. All OpenSSL versions starting with [ ... More Here > ]
The key steps CISOs & CSOs should consider before embarking on security operations modernisation
In today's digital world, cybersecurity is a top priority for every organisation, or at least it should be. But the current economics of storing and [ ... More Here > ]
Continued targeting of Australia-based entities by cybercriminal groups
Our threat intelligence focused on the continued targeting of Australia-based entities by cybercriminal groups. On 20 October 2022, the Australian health insurer Medibank confirmed reports [ ... More Here > ]
Fortinet confirms active exploitation using critical authentication bypass vulnerability
Our threat intelligence this week focusses on the Fortinet CVE-2022-40684 vulnerability, allowing a remote attacker to log into vulnerable Fortinet products and perform operations on [ ... More Here > ]
Researchers warn Zero-day Microsoft Exchange vulnerability mitigation can be bypassed
This week's reporting revisits the two Microsoft Exchange zero-day vulnerabilities that were disclosed last week, as researchers have since warned that threat actors can bypass [ ... More Here > ]
Chinese adversaries exploit old and new vulnerabilities impacting Microsoft Exchange
Our reporting this week highlighted the technical sophistication possessed by Chinese adversaries facilitating initial access and post-exploitation activity. Between February and September 2022, an espionage [ ... More Here > ]
Come and play capture the flag with the fastest search in SIEM
Organisations are increasingly challenged by a growing attack surface and the requirement to collect and process more security data. It’s left security teams drowning under [ ... More Here > ]