Credit to Author: Mickey Jin| Date: Mon, 04 Apr 2022 00:00:00 +0000
We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to gain root privilege escalation.
Read more
In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the sectors affected and their risk levels.
Credit to Author: Jon Clay| Date: Fri, 01 Apr 2022 00:00:00 +0000
Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’
Read more
In this blog series our team examined various ICS vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS.
Credit to Author: Jon Clay| Date: Tue, 29 Mar 2022 00:00:00 +0000
Learn more about cloud-based cryptomining, its repercussions, and how CISOs can create an effective risk mitigation strategy for this threat.
Read more
Credit to Author: Mayra Rosario Fuentes| Date: Tue, 29 Mar 2022 00:00:00 +0000
One of the recent trends we’ve observed is the rise of cloud-based cryptocurrency-mining groups that exploit cloud resources, specifically the CPU power of deployed cloud instances, to mine cryptocurrency.
Read more
Credit to Author: Michael Langford| Date: Mon, 28 Mar 2022 00:00:00 +0000
A fundamental challenge of architecture built using tools like Terraform is configuration drift. Check out these actionable strategies and steps you can take to detect and mitigate Terraform drift and manage any drift issues you might face.
Read more
Credit to Author: Sherif Magdy| Date: Fri, 25 Mar 2022 00:00:00 +0000
Purple Fox is an old threat that has been making waves since 2018. This most recent investigation covers Purple Fox’s new arrival vector and early access loaders. Users’ machines seem to be targeted with malicious payloads masquerading as legitimate application installers.
Read more
Credit to Author: Jon Clay| Date: Fri, 25 Mar 2022 00:00:00 +0000
An investigation of cryptocurrency scams and schemes, and Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal
Read more
The ever-expanding attack surface of the cloud calls for effective cyber risk management to enable enterprises to innovate and meet business objectives. Discover how to better understand, communicate, and mitigate cyber risk across the enterprise.