intelligence gathering
-
1.2 million data leaked from GoDaddy service provider
On November 22, GoDaddy, a well-known domain registration and hosting service provider, disclosed a hacking incident to the U.S. Securities and Exchange Commission (SEC), having found that an "unauthorized third party" had gained access to its WordPress hosting environment...
-
APT-C-23 hacker group targets Middle Eastern users with new Android spyware
A threat actor known for attacking targets in the Middle East has once again evolved its Android spyware, enhancing its capabilities to make it more stealthy and persistent while concealing it behind seemingly innocuous app updates. Reports indicate that a new variant of the spyware has been…
-
US banks will be required to report cyberattacks within 36 hours
Under new cybersecurity incident notification rules, U.S. banks will be required to notify federal regulators within 36 hours of discovering any cybersecurity incident. The rule takes effect on April 1, 2022, but enforcement will not begin until May 1…
-
Team Cymru acquires Amplicy
Combining Team Cymru's threat intelligence and threat hunting capabilities with Amplicy's Internet asset discovery and vulnerability management will give enterprise defenders a complete view of their organization's cyber risks. Team Cymru received an undisclosed amount from…
-
Facebook suspends accounts of Pakistani and Syrian hacking groups for abusing its platform
Meta, formerly known as Facebook, announced on Tuesday that it was taking some action to deactivate or delete the accounts of four different malicious cyber groups from Pakistan and Syria that Meta found to be targeting the people of Afghanistan, Western...
-
HTML smuggling is frequently used by hackers in malware and phishing attacks
HTML smuggling techniques are increasingly used by attackers in phishing campaigns as a means to gain initial access and deploy a range of threats, including but not limited to banking malware, remote administration Trojans (RATs), and ransomware payloads. …
-
TrickBot operators collaborate with Shathak attackers to develop Conti ransomware
The operators of the TrickBot Trojan are working with the Shathak threat group to distribute their software, ultimately leading to the deployment of Conti ransomware on infected machines. Cybereason Security Analyst Ale…
-
The evolution of the threat landscape in 2021 – from ransomware to botnets
While we are recovering from the worst of the COVID-19 pandemic, cyber threats show no signs of abating, with cybercriminals still using advanced methods to achieve their goals. Global Threat Trends Report Shows Cyberattacks Are Targeting Digital Infrastructure, Ransomware…
-
Google releases: ClusterFuzzLite – a continuous fuzz testing solution
In recent years, continuous fuzz testing has become an important part of the software development life cycle. The technique feeds unexpected or random data into a program in order to uncover crashes that are easily missed or not discovered manually. NIST software…
-
Your IDA may have a backdoor!
On November 10, 2021, foreign security vendor ESET exposed an attack campaign by the North Korean APT group Lazarus: ESET pointed out that the Lazarus group used IDA Pro 7 with two backdoor files…