Introducing MAX — Take supply chain cyber risk management to the MAX
Leverage unparalleled research to make smarter, faster business decisions
-
Research
New Intrusion Campaign Targeting Users of Popular Business Communication Software
More DetailsCyber Threat Intelligence -
Research
Investigations of Lazarus Group Indicators of Compromise Reveals Suspicious Traffic Involving State Government IP Addresses
More DetailsCyber Threat Intelligence -
Research
Attackers Exploit Windows Vulnerability to Deliver Nokoyawa Ransomware
On April 11, security researchers announced the discovery of CVE-2023-28252, a zero-day vulnerability under active exploitation by a sophisticated cybercriminal group. The vulnerability affects all versions of Windows and could therefore be quite widespread; however, a patch is available.
More DetailsCyber Threat Intelligence -
Research
New APT29 – Attributed Phishing Activity Targets Diplomatic Services
On April 13, Poland’s Computer Emergency Response Team (CERT.PL) and Military Counterintelligence Service released a group of joint advisories regarding newly-observed espionage activity attributed to a Russia-linked threat actor group.
More DetailsCyber Threat Intelligence -
Research
Cyber Risk Intelligence: Cold Storage and Logistics Disruption
On April 26, reports of a service disruption affecting a major cold storage and logistics firm surfaced.
More DetailsCyber Threat Intelligence -
Research
LockBit Group Claims Ransomware Attack Against Southeast Asian Bank
On May 8, the LockBit ransomware group claimed an attack against a major state-owned bank in Southeast Asia.
More DetailsCyber Threat Intelligence -
Research
Ransomware Affiliates Exploit Recently-Discovered PaperCut Vulnerability
On April 26, security researchers announced the discovery of CVE-2023-27350 and CVE-2023-27351, vulnerabilities in the PaperCut print management software solution.
More DetailsCyber Threat Intelligence -
Research
ESXiArgs Ransomware Campaign Targets VMWare ESXi Vulnerability
February 9, 2023More DetailsCyber Threat Intelligence -
Research
Ransomware Attack Against U.S. Public Housing Authority Linked to Previous Attacks
February 9, 2023More DetailsDr. Robert Ames, Staff Threat Researcher
Cyber Threat Intelligence, Public Sector -
Research
Iran-Attributed Exploitation of Log4Shell Vulnerability
January 6, 2023More DetailsDr. Robert Ames, Staff Threat Researcher
Cyber Threat Intelligence -
Research
Cyber Risk Intelligence: LockBit 3.0 Ransomware Group Claims Defense Contractor Breach
January 12, 2023More DetailsDr. Robert Ames, Staff Threat Researcher
Attack Surface Management, Cyber Insurance, Cyber Threat Intelligence, Supply Chain Cyber Risk -
Research
Investigation into Breached Australian Organizations
In mid-March, two Australian financial and professional services firms reported data breaches. These were followed by a series of cyber incidents affecting large Australian firms throughout 2022 and early 2023. As a result, some reporting on the incidents presented them as indications of systematic shortcomings in the country’s cyber defenses.
More DetailsCyber Threat Intelligence