In this blog post, the KrakenLabs team will take a deep dive into a malware sample classified as LummaC2, an information stealer written in C language that has been sold in underground forums since December 2022. We assess LummaC2’s primary workflow, its different obfuscation techniques (like Windows API hashing and encoded strings) and how to overcome them to effectively analyze the malware with ease.

The Rising Threat of Traffers report, compiled by Outpost24’s Threat Intelligence team, KrakenLabs, provides a deep dive into the credential theft ecosystem, and encourages organizations to evaluate their security measures against these evolving threats. In recent years, the theft of credentials has evolved into a highly professionalized cybercriminal activity.

True to its theme ‘Cyber Resilience’, our recent cyber security gathering was able to dissect the fast-moving threat landscape with insights and information nuggets from a panel of security experts and practitioners on the shortcomings and the need for better use of threat intelligence. Here are five takeaways from the Cyber Resilience Day in Breda co-hosted with our customer CM.com and a panel of cybersecurity experts.

How an Account Takeover vulnerability, discovered during a routine customer engagement, became a candidate for responsible disclosure, via the Microsoft Security Research Center Researcher Portal.

On December 2022, a security researcher from the Outpost24 Ghost Labs team discovered a vulnerability on the ThingsBoard IoT platform, where a normal user’s privileges can be escalated, by doing a simple post with an additional header, and exploiting the associated flaws, to take control over the entire platform and related accounts. Upon reporting of the vulnerability to the vendor, it was quickly resolved.

Using an outdated jQuery library can open up your web application to vulnerabilities. Read more to find out how to find and fix jQuery vulnerabilities. jQuery is among the oldest JavaScript libraries available online. It simplifies your coding and is used by countless websites. But there is an inherent danger that lies with outdated jQuery libraries: they are vulnerable to risks such as cross-site scripting.

Our annual Ransomware Report shares the latest trends and developments of the most active threat groups, and their victims to help businesses better protect themselves.

What are the most common cybersecurity threats facing your business? The 2023 Cyber Threat Landscape Study provides valuable threat intelligence to help you implement the appropriate security measures against real threats. The Outpost24 research team is sharing the results of the attack data from a network of honeypots deployed to gather actionable threat intelligence. Here are the key findings from the 42 million attacks that were registered (between January 1 – September 30, 2022).

In this article, we’ll look at Content Security Policy through the eyes of a penetration tester. We will outline the advantages of CSP, explain why you should have it on your site, and share some common misconfigurations that can be exploited, along with the relevant bypass scenarios. What is Content Security Policy?

In light of the numerous large-scale cyberattacks witnessed in the last year, 2023 promises to be an exciting time for cybersecurity. Outpost24 experts share their thoughts on what we can expect in the new year, and how to best prepare against new threats.