
vulns
Exploiting Zero-Days: APT34, APT28, and APT29 in Focus
Microsoft's January 2025 Patch Tuesday release addressed 159 vulnerabilities, including eight zero-day vulnerabilities, with three actively exploited in the wild.
ransomware
The 'Space Bears' threat actor is a relatively new ransomware group that emerged in April 2024. They are known for their corporate-themed data leak site and strategic affiliations, particularly with the Phobos ransomware-as-a-service group.
playfulghost
PLAYFULGHOST is a newly identified malware that has been observed targeting users through phishing emails and SEO poisoning. This malware is notable for its extensive capabilities, which include keylogging, screen and audio capture, remote shell access, and information stealing.
REF5961
The REF5961 intrusion set represents a sophisticated cyber-espionage campaign primarily targeting ASEAN (Association of Southeast Asian Nations) members and Mongolian government infrastructure.
hellcat
The Hellcat ransomware group, which emerged in late 2024, has rapidly become a significant player in the global cyber threat landscape. Known for its aggressive targeting, double-extortion tactics, and unique communication style, Hellcat has already...
threat-actors
Threat actors increasingly leveraged advanced technologies such as artificial intelligence (AI) and machine learning to enhance their attacks.
ransomware
The threat actors "Lynx" and "Cicada3301" have been active in recent cyber campaigns, employing sophisticated tactics, techniques, and procedures (TTPs) to target various sectors. Lynx, a rebranding of the INC ransomware, has been particularly active in ..
apt
Russia targets these institutions due to geopolitical tensions, employing tactics like spear-phishing, ransomware, and supply chain attacks. China focuses on cyber espionage, aiming to steal intellectual property and research data through advanced persistent threats and credential harvesting.
vendors
Vendor management programs are essential for organizations to manage risks associated with third-party vendors. These programs typically include components such as security questionnaires, contract language...
breaches
This report identifies the top 5 most impactful incidents: the LoanDepot ransomware attack, the Snowflake data breach, the CDK Global ransomware attack, the Change Healthcare ransomware attack, and the Volt Typhoon infiltration of US critical infrastructure.
badbox
BADBOX, a sophisticated malware operation originating from China, was preloaded on over 30,000 internet-connected devices, including digital picture frames, media players, and low-cost Android devices.
vulnerabilities
These vulnerabilities include remote code execution (RCE) flaws in Windows components such as Hyper-V, Remote Desktop Services, and the Local Security Authority Subsystem Service (LSASS)