Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

During 2022 and the first quarter of 2023 Cyberint noticed an increased trend in Threat Actors engaging in malvertising, AKA abusing the ad space to distribute their phishing & malware campaigns. Malvertising increases their reach and potential victims due to advertisement prioritization in search engine results. This trend is a lesser-known risk among the general public, and therefore poses a higher threat.

Over the past two months, the Cyberint research team has witnessed an extensive campaign in which threat actors are actively exploiting the recently discovered vulnerability in the PaperCut print management platform. The Cyberint research team has identified a significant trend in relation to these recent attacks and associated incidents linked to this vulnerability.

Ever since Pompompurin’s arrest and the shutdown of BreachedForums, threat actors have been looking for a new home to migrate and continue their cybercrime activities, especially the data leakage groups. Although Telegram has become one of the most popular platforms for the cybersecurity community, data leakage groups and other cybercrime sellers still need an underground forum to advertise their services and findings.

Supply Chain Intelligence is an improved method for continuously discovering, monitoring, assessing and mitigating risk introduced to your organization through 3rd party technologies, vendors, and suppliers.

In this blog and video a Cyberint cybersecurity expert explains how the ‘dark web’ operates and shows real live examples of actors and their criminal activity. Learn how to access the dark web and what are some of the most common behaviors that companies should be watching out for.

In 2022 & 2023 Western government agencies have managed to take down multiple prominent dark web forums such as RaidForums in April 2022, BreachedForums in March 2023, and Genesis Marketplace in April 2023. This might make threat actors in the West feel less confident in initiating activities on such monitored platforms and could shift their focus to Chinese-speaking forums.

It’s time to broaden our conception of the external attack surface to include all common attack vectors. Traditionally, the external attack surface is thought of as all of an organization’s external IT assets: domains, addresses, web servers, SSL certificates, externally-visible software, and so on.

Supply chain attacks are a growing and increasingly sophisticated form of cyber threat. They target the complex network of relationships between organizations and their suppliers, vendors, and third-party service providers. These attacks exploit vulnerabilities that emerge due to the interconnected nature of digital supply chains, which often span multiple organizations, systems, and geographies.

Cyber attacks can have a significant impact on point-of-sale (POS) services, which are used in retail environments to process transactions and collect payments from customers. POS systems typically involve the use of software, hardware, and network components, which can be vulnerable to a variety of cyber threats. A successful campaign targeting POS systems can result in credit card theft, transaction tampering, service disruption, brand damage and other severe organizational damage.