Cyber Risk Exposure: How to Act When You Can't Measure Risk

You can’t manage what you can’t measure – and unfortunately, measuring cyber risk exposure can be quite difficult. That’s not, of course, because no one attempts to put labels on risks and threats. In fact, there is a great deal of effort placed on identifying, quantifying, and deciding how to manage cyber risk.

Desorden Group - The Summer 2023 Update

The financially motivated Desorden (Disorder in Spanish) group, previously known as “chaoscc”, was first observed going by the new name Desorden in 2021 while acting against multiple Asian-based organizations in various sectors. The group mainly targets high-revenue enterprises and supply chains to amass as much profit as possible by extracting sensitive organizational data and demanding a ransom for it.

Qakbot Banking Trojan

Qakbot, also known as Pinkslipbot, Qbot and Quakbot, is a notorious Banking Trojan designed to steal account credentials and online banking session information, leading to account takeover fraud. Commonly distributed via malicious unsolicited email (malspam), Qakbot campaigns reportedly deployed ‘Cobalt Strike’ beacons, likely in an attempt to move laterally, gain persistence and establish a robust communication channel back to the threat actor.

Tackling the Surge: The Expanded Financial Attack Surface

The attack surface is growing, and fast. What once was considered the attack surface is no longer. Instead, organizations are faced with a sprawling attack surface, including not just domains, IPs and sub-domains, but also third parties, brand risks and more. Businesses in the finance sector face two additional challenges: This blog focuses on banks, FinTech companies and insurance providers, as they are among the largest types of entities in the financial sector.

The MSSP Buyer Guide to Threat Intelligence and EASM Services

We’re all familiar with software as a service or platform as a service, but what about Cyber-Crime-As-A-Service? It’s not just the sheer quantity of cyber threats that is increasing at an alarming rate; it’s also the methods cybercriminals are finding to deploy attacks, and the ease with which they do so.

Why Phishing Takedowns Can Be Hard, and How to Simplify Them

Allow us to set the scene: It’s Wednesday morning, and one of your cyber threat analysts Slacks you to report a profile on social media that is impersonating your organization. The analyst has verified that the threat is part of a phishing campaign and wants to talk about how to approach a phishing takedown. Now, as threats go, this is probably not one that will have you spitting out your coffee.

New Cyber Alliance: The Five Families Telegram Channel

The Cyberint research team has discovered a new Telegram channel called “The Five Families,” purportedly marking the initiation of collaboration of five distinct threat actor groups: This channel, which was established just a few hours ago, has already amassed nearly 400 subscriptions. Currently, it contains only one message: This message has been shared across the official channels of the above-mentioned collaboration groups, signifying their approval of this joint effort. Allegedly,

Putting CTEM Into Practice: The Five Key Steps

Cyber threats are like microbes: They’re constantly evolving, and the defenses that worked against them yesterday may no longer work today. Just as a vaccine crafted for an earlier iteration of a virus may not be effective anymore, the cybersecurity tools and processes that shut down risks in the past might not be enough to keep your business safe today. That’s why Continuous Threat Exposure Management, or CTEM, is a critical component of any cybersecurity strategy.

GhostSec's Revelation of Iranian Surveillance Software

GhostSec has reported a successful breach of the FANAP Behnama software, which they describe as the “Iran regime’s very own Privacy-invading software”. This breach has resulted in the exposure of approximately 20GB of compromised software. The group alleges that the Iranian government employs the software for citizen surveillance, representing a significant advancement in the nation’s surveillance capabilities.