In Pursuit of a Gestalt Visualization: Merging MITRE ATT&CK® for Enterprise and ICS to Communicate Adversary Behaviors
Understanding the increasingly complex threats faced by industrial and critical infrastructure organizations is not a simple task. As high-skilled threat actors continue to learn about the unique nuances of operational technology (OT) and industrial control systems (ICS), we increasingly observe attackers exploring a diversity of methods to reach their goals.
Instagram App Vulnerability Let Hackers to Take Control of Your Account Using Malformed Picture
Researchers detected a critical RCE Instagram vulnerability that allows the threat actors to take control of your Instagram account by sending a simple images to the victim via email, WhatsApp or other media exchange platforms. When the victim opens the Instagram app, the exploitation takes place.
Covid-19 Cyberattack Analysis
Based on extensive data collected across Cynet clients, this report details changes in cyberattacks observed across North America and Europe since the beginning of the Covid-19 pandemic.
Recorded Future Predict 2020: Intelligence to Disrupt the Status Quo
The Recorded Future Security Intelligence Platform dynamically categorizes, links, and analyzes intelligence from an unrivaled range and variety of sources in real time — and it instantly integrates with existing security tools. Start easily consuming insights and proactively reducing risk today.
Critical Industrial Flaws Pose Patching Headache For Manufacturers
Sharon Brizinov, the principal vulnerability researcher with Claroty, has discovered and reported various security flaws in industrial control systems (ICS), including most recently a vulnerability in a software component used by various critical infrastructure systems (which he disclosed last week).
Ransomware en masse on the wane: top threats inside web-phishing in H1 2020
Singapore, 09/18/2020 — Group-IB, a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. It came as no surprise that web-phishing targeting various online services almost doubled during the COVID-19 pandemic: it accounted for 46 percent of the total number of fake web pages.
Threat actors target WordPress sites using vulnerable File Manager install
In early September, experts reported that hackers were actively exploiting a critical remote code execution vulnerability in the File Manager WordPress plugin that could be exploited by unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable versions of the plugin.
Serious Security: Hacking Windows passwords via your wallpaper
We’re all aware of the risks posed by unknown EXE files, for example, because EXE is the extension for native Windows programs – even the operating system itself is implemented as a collection of EXEs.
Making the most of XG Firewall v18 – Part 4
In The State of Ransomware 2020 report, over half the participating companies surveyed across 26 countries reported that they had been hit by ransomware in the past 12 months. This result demonstrates the critical need for predictive zero-day threat identification and protection as advanced threats like ransomware become more targeted and evasive.