Meet "Sodinokibi" this month, the threat group behind the eponymous Sodinokibi ransomware, also known as “REvil”, to understand their tactics and how you can better secure your system from this threat

A critical vulnerability was discovered in current versions of OpenSSL affecting almost every organization. A fix is now out. Learn more about the vulnerabilities and what to do if you have been impacted.

Meet Guacamaya – a hacktivist group advocating for the indigenous people of Central America

TIBER-EU is the European framework for threat intelligence-based ethical red-teaming and the first EU-wide guide on how authorities, threat intelligence and red-team providers should collaborate with different organizations to help improve their cyber resilience. Thanks to its threat intelligence offering, Outpost24 is well-positioned to create attack scenarios in line with the TIBER-EU framework.

Since its inception almost a decade ago and the MirrorBlast campaign, the threat actor group known as TA505 has continued to plague the financial, retail and restaurant sectors.

Meet Shathak – a threat group tied to malware used in the Russian-speaking underground targeting enterprises across different sectors in the Americas, Europe and Asia

Web application security is crucial for any organization that relies on web-based applications. Learn about the importance of web application security and best practices for keeping your organization safe. The importance of web application security cannot be overstated. As organizations move towards web-based applications and services to run their business and connect with customers, it is becoming more vital than ever to secure those systems from malicious attacks.

The Hive Gang is a Ransomware as a Service (RaaS) providers first identified in June 2021. Although relatively new, their aggressive tactics and ever evolving malware variants have made them one of the most successful RaaS groups of its kind. Find out how the group has risen through the ranks with their advanced ransomware kit, API based portal and negotiation services.

This month we’re introducing you to GhostSec, a hacktivist group with ties to the Anonymous collective

In the last phishing blog we discussed how modern phishing works on the frontend. Read on to find out how threat actors can easily find and authenticate a suitable domain by modifying both Gophish and Evilginx to evade security controls In the last phishing blog we discussed how modern phishing works on the frontend. Here we go behind the scenes to dissect how to configure and authenticate a good domain for your phishing campaign using Apache as Reverse Proxy. Excited? You caught the hook, read on!