Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Qakbot Banking Trojan

Qakbot, also known as Pinkslipbot, Qbot and Quakbot, is a notorious Banking Trojan designed to steal account credentials and online banking session information leading to account takeover fraud. Commonly distributed via malicious unsolicited email (malspam), Qakbot campaigns reportedly deployed ‘Cobalt Strike’ beacons likely in an attempt to move laterally as well as gaining persistency and establishing a robust communication channel back to the threat actor.

Tackling the Surge: The Expanded Financial Attack Surface

The Attack Surface is Growing, and fast. What once was considered the attack surface is no longer. Instead organizations are faced with a sprawling attack surface, including not just domains, IPs and sub-domains, but also third parties, brand risks and more. Businesses in the finance sector face two additional challenges: This blog focuses on banks, FinTech companies and insurance providers, as they are among the largest types of entities in the financial sector.

The MSSP Buyer Guide to Threat Intelligence and EASM Services

We’re all familiar with software as a service or platform as a service, but what about Cyber-Crime-As-A-Service? It’s not just the sheer quantity of cyber threats that is increasing at alarming rates, it’s the methods and ease at which cybercriminals are finding to deploy attacks.,

Why Phishing Takedowns Can Be Hard, and How to Simplify Them

Allow us to set the scene: It’s Wednesday morning, and one of your cyber threat analysts Slacks you to report a profile on social media that is impersonating your organization. The analyst has verified that the threat is part of a phishing campaign and wants to talk about how to approach a phishing takedown. Now, as threats go, this is probably not one that will have you spitting out your coffee.

New Cyber Alliance: The Five Families Telegram Channel

The Cyberint research team has discovered a new Telegram channel called “The Five Families,” purportedly marking the initiation of collaboration of five distinct threat actor groups: This channel, which was established just a few hours ago, has already amassed nearly 400 subscriptions. Currently, it contains only one message: This message has been shared across the official channels of the above-mentioned collaboration groups, signifying their approval of this joint effort. Allegedly,

Putting CTEM Into Practice: The Five Key Steps

Cyber threats are like microbes: They’re constantly evolving, and the defenses that worked against them yesterday may no longer work today. Just as a vaccine crafted for an earlier iteration of a virus may not be effective anymore, the cybersecurity tools and processes that shut down risks in the past might not be enough to keep your business safe today. That’s why Continuous Threat Exposure Management, or CTEM, is a critical component of any cybersecurity strategy.

GhostSec's Revelation of Iranian Surveillance Software

GhostSec has reported a successful breach of the FANAP Behnama software, which they describe as the “Iran regime’s very own Privacy-invading software”. This breach has resulted in the exposure of approximately 20GB of compromised software. The group alleges that the Iranian government employs the software for citizen surveillance, representing a significant advancement in the nation’s surveillance capabilities.

LinkedIn Accounts Under Attack

In recent weeks, the Cyberint research team has observed an alarming emerging trend – an ongoing and successful hacking campaign is targeting LinkedIn accounts, all following a consistent method. This campaign is currently affecting individuals worldwide, resulting in a significant number of victims losing access to their accounts. Some have even been pressured into paying a ransom to regain control or faced with the permanent deletion of their accounts.

DDoS Empire Shutdown: The Why, What, When & How

Starting from the beginning of 2023, the FBI and other law enforcement agencies worldwide have come together in a united effort to combat cybercrime, with a specific focus on ransomware. This alliance has already resulted in significant arrests, including those of individuals associated with Pompompurin and LockBit, as well as the dismantling of the Hive ransomware group’s infrastructure.