Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

These days, the most worrisome phishing threats against businesses often don’t arrive via email. Instead, threat actors are increasingly turning to phishing variations in the form of vishing and smishing—techniques that use alternative communication channels to deliver messages designed to elicit or outright steal sensitive information from employees or customers. These attacks often leverage social engineering, malicious links, and other tactics.

Original Article published Decmber 2023. Update May 22nd 2025: The FBI has seized user panels and other Lumma C2 infrastructure. As of now, we don’t see the Lumma info-stealer disappearing from the arena. Our team is on guard to check and analyze the changes. This case shares similarities with the so called seizure of infrastructure of RedLine and Metta info stealers in October 2024 by the FBI, DOJ, Dutch authorities, etc.

The bigger your business, often the larger the size of the attack surface you need to secure. That’s why multi-national enterprises typically face a different set of cyber security priorities than SMBs. Here’s another, less often discussed factor that can complicate security and risk management: Whether your company is a multiple entity or a single entity.

Effective ‘dark web monitoring’ is essential for modern businesses. This intelligence practice goes beyond traditional dark web forums, actively scanning the deep web, open web, and social media platforms. It uncovers threats and risks wherever cyber criminals operate – from hidden marketplaces to public social channels – providing crucial visibility into your external threat landscape.

Organizations are increasingly recognizing that threats can emerge from various external-facing assets, including web applications, cloud infrastructure, APIs, and even shadow IT. This necessitates a robust Attack Surface Management (ASM) strategy, supported by specialized software solutions.