ransomware
Comparative Analysis of Ransomware Families: INC, BlackCat, Quantum Locker, Zeppelin, and Rhysida
Comparative Analysis of Ransomware Families: INC, BlackCat, Quantum Locker, Zeppelin, and Rhysida
threat-actors
Threat Actors LIKELY Targeting CVE-2024-5910: Understanding the Risks in Palo Alto Networks' Expedition Tool
CVE-2024-5910 presents a critical vulnerability within Palo Alto Networks' Expedition tool, arising from missing authentication on a vital function. This flaw opens the door for attackers with network access to seize control over admin accounts.
unc5537
UNC5537: Unmasking the Cyber Threat Behind Snowflake Breaches
UNC5537, a cybercriminal group recently identified by Mandiant, has been implicated in a series of significant data breaches, including those targeting the cloud data warehousing company Snowflake.
apt36
APT36 and ElizaRAT: Unveiling the Persistent Cyber Espionage Threat to Indian Cybersecurity
APT36, also known as Transparent Tribe, is a sophisticated advanced persistent threat (APT) group believed to be based in Pakistan. Over the past years, APT36 has been actively engaged in cyber-espionage campaigns primarily targeting Indian..
midnight-blizzard
Midnight Blizzard: Unmasking the Espionage Tactics of Russia's Elite Cyber Threat Actor -- What's Next?
Midnight Blizzard, a cyber threat actor linked to Russia's Foreign Intelligence Service (SVR), has been a persistent menace in the cyber espionage landscape, targeting sectors such as government, defense, academia, and non-governmental organizations.
scattered-spider
Scattered Spider: The Rising Threat of AI-Driven Cyber Attacks on Cloud and Critical Sectors
Scattered Spider, a cybercriminal group identified by CrowdStrike, has been a formidable presence in the cyber threat landscape since at least 2022..
vulnerabilities
Prioritizing Vulnerability Patching: Key Threats and Actors for October 2024
The vulnerabilities identified include CVE-2024-43572, a Microsoft Management Console RCE vulnerability, and CVE-2024-43573, a Windows MSHTML Platform spoofing vulnerability. Both have been actively exploited in the wild, with threat actors such as APT29, FIN7, APT28...
ai
Evaluating Artificial Intelligence in Modern Cyber Attacks: Practical Insights and Defense Strategies
While AI technologies like machine learning are indeed being incorporated into certain cyber attack methodologies, their impact is more nuanced than often portrayed.
apt
Emerging Trends in Adversary Techniques and Tools for Interactive Intrusions
Adversaries are increasingly targeting identities, leveraging compromised credentials and cloud account misuse to gain unauthorized access..
strategy
Strategic Prioritization of Cybersecurity Threats for 2025: Ransomware, IoT Vulnerabilities, and AI-Powered Attacks
AI-powered attacks represent another formidable threat, as cybercriminals leverage AI and machine learning technologies to automate and scale their operations...
threat-actors
Prioritizing Non-Ransomware Threat Actors for US SaaS Providers in 2025
The research highlights a growing trend of threat actors exploiting cloud services as entry points into networks. SCATTERED SPIDER, for instance, has been actively using social engineering to breach cloud systems, posing a significant threat to SaaS providers.
china
Unveiling TGR-STA-0043: A Chinese APT Espionage Campaign
This group has primarily targeted governmental entities across the Middle East, Africa, and Asia, focusing on diplomatic and economic missions, embassies, military operations, and political meetings.