The complex geopolitical landscape in Southeast Asia, influenced by People’s republic of China (PRC)’s strategic interests and territorial disputes, faces a prominent offensive threat from Chinese cyber operations. Southeast Asia’s economic and digital growth make it a prime target for cyber threats. In the past 8 months Cyberint has been able to identify a major large-scale campaign.
|
By Shmuel Gihon
Supply chain attacks are a growing and increasingly sophisticated form of cyber threat. They target the complex network of relationships between organizations and their suppliers, vendors, and third-party service providers. These attacks exploit vulnerabilities that emerge due to the interconnected nature of digital supply chains, which often span multiple organizations, systems, and geographies.
|
By Cyberint Research
Responsible for a number of infamous ‘big game hunter’ ransomware attacks and believed active since at least 2019, the ransomware threat group dubbed ‘CL0P‘ is thought to be a Russian-language cybercriminal gang and have been widely reported as associated with, or their malware adopted by, other cybercriminal groups including ‘FIN11’, a part of the larger financially-motivated ‘TA505’ group, and ‘UNC2546’.
|
By David Geclowicz
Cyber threats against critical infrastructure – such as energy and transportation networks – remain pervasive as ever, with 2023 witnessing an astounding 420 million such attacks in total. That’s the bad news. The good news is that critical infrastructure is set to become more secure, at least in the European Union, thanks to the NIS 2 Directive (also known as E.U. Directive 2022/2055).
|
By Adi Bleih
In April 2023, Researchers uncovered a new ransomware actor named RA Group, demonstrating a connection to the Babuk ransomware through the utilization of leaked source code. Following the full disclosure of Babuk’s ransomware source code by an alleged group member in September 2021, various ransomware families have emerged, incorporating this leaked code into their attacks.
|
By Cyberint
The Common Vulnerability Scoring System (CVSS) is used to evaluate and communicate the technical severity of software, hardware and firmware vulnerabilities. While CVSS has been around for nearly 2 decades and now stands as an industry standard tool for scoring the severity of a vulnerability, the framework still has its limitations. To mitigate some of these challenges and improve the efficacy of the system, an updated version of CVSS was released in November 2023.
|
By Adi Bleih
GuLoader stands out as a prominent downloader founded on shellcode that has been used in many attacks aimed at spreading a diverse array of highly sought-after malware strains. For over three years, GuLoader has maintained its activity and is continuously evolving through ongoing development efforts. The latest iteration introduces novel anti-analysis techniques, making its analysis extremely difficult.
|
By Alon Davidoff
Cybercriminals are always on the lookout for vulnerabilities to exploit and steal sensitive information. One such threat is credential stuffing, a type of cyberattack that can cause significant damage to both individuals and businesses. Credential stuffing is a cyberattack that involves the use of stolen account credentials to gain unauthorized access to user accounts on other systems.
|
By Adi Bleih
Qilin operates as an affiliate program for Ransomware-as-a-Service, employing a Rust-based ransomware to target victims. Qilin ransomware attacks are often tailored for each victim to maximize their impact, utilizing tactics like altering filename extensions of encrypted files and terminating specific processes and services.
|
By Gemma Goldstein
Operating a thriving Managed Security Service Provider, or MSSP, business can be tough. Not only do MSSPs need to keep up-to-date with constantly evolving security trends and threats, but they must also adapt as the security market and tooling change. Otherwise, MSSPs face a real risk of becoming outdated – and losing out on customers and major revenue opportunities.
|
By Cyberint
This is not only important for Cyberint's bottom line, but also crucial to demonstrate to investors that we are spending responsibly. One of the problems that CFOs encounter frequently is product sprawl. Where teams are using separate solutions for different purposes, each with their own price tag. Many of these point solutions aren’t better than a consolidated product; if they were using one, the information shared would make the tool more valuable. Despite this product sprawl occurs. The same is true for cybersecurity products.
|
By Cyberint
Learn more about our Threat Intelligence here: https://cyberint.com/platform/threat-intelligence/
|
By Cyberint
Learn about Cyberint Threat Intelligence Here: https://cyberint.com/platform/threat-intelligence/
|
By Cyberint
Learn about what happened when we found a major US retailer employee's credentials on the Dark Web..
|
By Cyberint
The United States is at the epicenter of cyber crime globally. It is by far the most highly-targeted nation, and American businesses face a higher volume of attacks as well as more costly consequences when an attack is successful. In this webinar, Cyberint Threat Research Team Lead Shmuel Gihon will discuss the current US threat landscape, recent trends, and the most urgent risks to prepare for. Using research and data collected by the Cyberint research team.
|
By Cyberint
The suppliers are the weak point in the security organization, 62% of attacks were through suppliers..... Existing tactics such as periodic pen testing, questionaires etc. don't cut it! Find out who your suppliers are, how healthy their protection is, how targeted they are AND be notified when an issue happens.
|
By Cyberint
Up until 2023 third party risk management has been flawed. 2023 brings big changes and Cyberint is leading the way. We had fun acting out some of the benefits.....
- April 2024 (6)
- March 2024 (2)
- February 2024 (9)
- January 2024 (9)
- December 2023 (6)
- November 2023 (12)
- October 2023 (15)
- September 2023 (11)
- August 2023 (9)
- July 2023 (10)
- June 2023 (8)
- May 2023 (7)
- April 2023 (9)
- March 2023 (8)
- February 2023 (5)
- December 2022 (3)
- November 2022 (4)
- October 2022 (5)
- September 2022 (6)
- August 2022 (5)
- July 2022 (4)
- June 2022 (3)
- May 2022 (4)
- April 2022 (4)
- March 2022 (8)
- February 2022 (6)
- January 2022 (2)
- December 2021 (7)
- November 2021 (4)
- October 2021 (2)
- September 2021 (3)
- August 2021 (4)
- July 2021 (7)
- June 2021 (3)
- May 2021 (6)
- April 2021 (5)
- March 2021 (4)
- February 2021 (5)
- January 2021 (12)
- December 2020 (6)
- November 2020 (2)
- October 2020 (4)
- July 2020 (1)
- May 2020 (1)
- April 2020 (2)
- March 2020 (3)
- January 2020 (1)
- December 2019 (2)
- September 2019 (1)
- May 2019 (1)
- March 2019 (1)
- November 2018 (1)
- January 2018 (3)
- May 2014 (2)
Best-in-class managed intelligence suite. We help you identify emerging threats, verify your security posture, and respond effectively to reduce their impact.
CyberInt's Managed Detection and Response services span globally and include some of the top finance, retail and telecommunication organizations. Allowing our customers to combat and respond to advanced cyber threats that would normally go unnoticed by standard security controls, while protecting their brand, digital assets and customers.
Solutions:
- Threat Intelligence: Real-time monitoring of threats in the deep, dark and open web such as phishing and malware campaigns, brute-force and credential stuffing threats, data leakage, including personal identifiable information (PII), and fraudulent activity.
- Digital Risk: Digital footprint discovery and ongoing monitoring of organizations’ cloud and external facing assets. Ensuring visibility into assets with severity-based prioritization of issues to address, highlighting related threats, vulnerabilities, and weaknesses.
- Threat Hunting: Driven by Cyberint proprietary intelligence and custom detections service provides continuous hunt for threats across the IT and infrastructure. Leveraging 3rd party EDR-agnostic technology and SOAR, we deploy proprietary automated playbooks to contain and mitigate threats within minutes.
- Cybersecurity Assessment: Testing applications and infrastructure’s resilience to cyberattacks, to identify weaknesses and loopholes in your security posture.
Intelligence-driven Detection & Response. Leveraging threat intelligence suite, threat hunting and threat mitigation and response services.