-
Monday 16 October 2017
Taiwan Heist: Lazarus Tools and Ransomware
Reports emerged just over a week ago of a new cyber-enabled bank heist in Asia.
Security Research
-
Wednesday 17 May 2017
WanaCrypt0r Ransomworm
On the 12th of May 2017, a number of organisations across the world were subject to a ransomware attack. Discover our Threat Research team's analysis of the WanaCrypt0r Ransomworm.
Security Research
-
Tuesday 04 April 2017
APT10 - Operation Cloud Hopper
Since late 2016 we have been investigating a campaign of intrusions against several major MSPs. These attacks can be attributed to the actor known as APT10 (a.k.a. CVNX, Stone Panda, MenuPass, and POTASSIUM). We have joined forces with PwC to release our findings from investigations into these on-going attacks.
Security Research
-
Monday 13 February 2017
Lazarus & Watering-hole Attacks
An outline and analysis of a series of attacks directed at Polish financial institutions based on a recent article from badcyber.com and our own additional findings.
Security Research
-
Monday 23 May 2016
As money laundering scams go, the Bangladesh Bank heist wasn't that sophisticated
Every fraud is preceded by an information compromise, and the Bangladesh Bank heist demonstrated the power of a cyber attack once a perimeter is breached...
Financial Crime, Security Research
-
Friday 13 May 2016
Cyber Heist Attribution
Attributing a single cyber-attack is a hard task and often impossible. However, when multiple attacks are conducted over long periods of time, they leave a trail of digital evidence.
Security Research
-
Tuesday 26 April 2016
Two bytes to $951m
In February 2016 one of the largest cyber heists was committed and subsequently disclosed. Discover the details in our technical threat research blog post detailing the malware used in this targeted attack.
Security Research
-
Wednesday 20 April 2016
Multiple vulnerabilities affecting several ASUS
The affected ASUS routers suffer from an insecure default configuration for Anonymous users, once anonymous access is enabled. Write access is enabled for all directories in the attached storage by default. Furthermore, the administrator is not able to restrict read or write access for any specific directories on attached storage devices.
Security Research
-
Wednesday 13 January 2016
Testing your defences against SQL injection
So-called SQL injection (SQLi) attacks can be used to delete, modify or retrieve information from the database, and even execute commands on the underlying operating system. Discover how to prevent SQLi on your network.
Security Research
-
Wednesday 02 December 2015
A Bumper Harvest - Cryptolocker Address Book Theft
Attackers use social engineering to exploit trust. An end user is more likely to open a malicious attachment or click a link if it appears to come from a trusted source...
Security Research