|
By Foresiet
Advanced Persistent Threat (APT) actors have become a significant concern for organizations worldwide, as they pose a substantial threat to sensitive information and critical infrastructure. One such APT actor is the Lazarus Group, also known as Hidden Cobra, which has been active since at least 2009. In this blog, we will delve into the motivation and recent activity of the Lazarus Group, highlighting their tactics, techniques, and procedures (TTPs) and the MITRE ATT&CK techniques they employ.
|
By Foresiet
Storm-0940 is a Chinese advanced persistent threat (APT) group that has operated since at least 2021, although some evidence suggests involvement in earlier incidents. Known for its complex cyber espionage tactics, this group primarily targets government agencies, military organizations, and critical infrastructure to gain intelligence for political and military advantage. Leveraging an arsenal of techniques ranging from spear-phishing to exploiting software vulnerabilities.
|
By Foresiet
APT36, also known as Transparent Tribe, is a well-known cyber espionage group attributed to Pakistan. Active since 2013, this advanced persistent threat (APT) group has focused its efforts primarily on Indian government sectors, including defense, education, and key infrastructure. APT36 has demonstrated consistent sophistication in their tactics, evolving their methods to target a wide array of platforms and systems.
|
By Foresiet
In 2023, a critical vulnerability in MOVEit Transfer software (CVE-2023-34362) was weaponized by the Cl0p ransomware group, leading to a substantial leak of sensitive employee data from major global corporations. The flaw in MOVEit allowed attackers to bypass authentication and access secure files, resulting in a far-reaching data breach that impacted various sectors including finance, healthcare, government, and retail. Vulnerability Details and Affected Software Nam3L3ss: Profiling Cl0p Ransomware Data.
|
By Foresiet
In recent events, Foresiet researchers identified a significant data leak involving Nokia's internal resources posted on a dark web marketplace. This leak, allegedly stemming from a third-party contractor working closely with Nokia on internal tool development, brings to light both sensitive code repositories and critical access credentials.
|
By Foresiet
At Foresiet, our mission is to help businesses stay informed about emerging cybersecurity risks. One of the latest and most dangerous threats is Interlock ransomware, a variant that has made waves on the dark web. This ransomware group claims to be more than just extortionists, positioning themselves as enforcers of accountability for companies that fail to adequately protect customer data and intellectual property.
|
By Foresiet
In recent weeks, reports have surfaced regarding a significant breach involving Cisco, exposing sensitive data from various organizations. This blog post delves into the details of the breach, the compromised data, the implicated companies, and the methods used by attackers to gain access to such critical information.
|
By Foresiet
In a significant breach, over 10 million customer conversations from an AI-powered call center platform in the Middle East have been exposed. This incident has raised alarm bells regarding the security vulnerabilities of AI platforms widely used in sectors such as fintech and e-commerce. As AI platforms become integral to business operations, the risks of compromised data tracking and brand impersonation have also escalated.
|
By Foresiet
On October 9, 2024, the Australian government took a significant step in fortifying its cyber defenses by introducing the Cyber Security Bill 2024 to Parliament. This pioneering legislation marks the country's first standalone cybersecurity law, designed to enhance protections for both citizens and organizations amid escalating geopolitical and cyber threats. By implementing comprehensive measures, Australia aims to safeguard critical infrastructure and ensure a more secure digital environment.
|
By Foresiet
Microsoft is currently investigating a significant issue affecting its Outlook desktop app, with users experiencing a range of problems, including crashes, high memory consumption, and login failures. Initially believed to impact only European users, the issue has now been reported by users globally, signaling a more widespread problem. In addition to the desktop app, some users have experienced similar issues while using Outlook on the web (OWA), making this a pressing matter for Microsoft to address.
|
By Foresiet
Imagine, the system can think exactly like human brain, sense the risk, Forecast, react, Protect and correlate the past incident and recover with Self immunity
- November 2024 (5)
- October 2024 (13)
- September 2024 (20)
- August 2024 (12)
- July 2024 (28)
- June 2024 (25)
- May 2024 (15)
- April 2024 (9)
- March 2024 (7)
- February 2024 (3)
- June 2023 (2)
- May 2023 (1)
- April 2023 (3)
- March 2023 (1)
- February 2023 (1)
- January 2023 (1)
- September 2021 (2)
- May 2021 (1)
- May 2020 (1)
One Click Digital Risk Protection platform to protect from digital external threats, detect and prevent breach epidemic from surface, deep and Dark web.
Foresiet Digiview uses AI powered engine to identify and forecast the risk based on 100+ unique vectors across on-prem and cloud deployment assess your cyber security posture with Industry benchmarking.
- Digital Risk: Measure your third party / supply chain digital Risk and good cyber hygiene.
- Brand Monitoring and self-healing: Protect from Impersonation, Rogue websites, Fake social pages, mobile applications etc.
- Anti-Phishing Shield: Protect employee from targeted Phishing / Impersonation attack using ML/AI engine.
- Attack surface visibility: Discover / monitor external assets including infrastructure, vulnerable asset.
- Threat Intelligence: Stay updated with latest threat advisory from Social, Deep and Dark web.
- Compliance: Automated way to assess third party / vendor compliance and maturity.
Foresiet DigiRisk is the first platform to cover all of your digital risks, allowing enterprise to focus on the core business.