Blog

Monday 16 October 2017

Reports emerged just over a week ago of a new cyber-enabled bank heist in Asia.

Security Research

Wednesday 17 May 2017

On the 12th of May 2017, a number of organisations across the world were subject to a ransomware attack. Discover our Threat Research team's analysis of the WanaCrypt0r Ransomworm.

Security Research

Tuesday 04 April 2017

Since late 2016 we have been investigating a campaign of intrusions against several major MSPs. These attacks can be attributed to the actor known as APT10 (a.k.a. CVNX, Stone Panda, MenuPass, and POTASSIUM). We have joined forces with PwC to release our findings from investigations into these on-going attacks.

Security Research

Monday 13 February 2017

An outline and analysis of a series of attacks directed at Polish financial institutions based on a recent article from badcyber.com and our own additional findings.

Security Research

Monday 23 May 2016

Every fraud is preceded by an information compromise, and the Bangladesh Bank heist demonstrated the power of a cyber attack once a perimeter is breached...

Financial Crime, Security Research

Friday 13 May 2016

Attributing a single cyber-attack is a hard task and often impossible. However, when multiple attacks are conducted over long periods of time, they leave a trail of digital evidence.

Security Research

Tuesday 26 April 2016

In February 2016 one of the largest cyber heists was committed and subsequently disclosed. Discover the details in our technical threat research blog post detailing the malware used in this targeted attack.

Security Research

Wednesday 20 April 2016

The affected ASUS routers suffer from insecure default configuration for Anonymous users, once anonymous access in enabled. Write access is enabled for all directories in the attached storage by default. Furthermore, the administrator is not able to restrict read or write access for any specific directories on attached storage devices

Security Research

Wednesday 13 January 2016

So-called SQL injection (SQLi) attacks can be used to delete, modify or retrieve information from the database, and even execute commands on the underlying operating system. Discover how to prevent SQLi on your network.

Security Research

Wednesday 02 December 2015

Attackers use social engineering to exploit trust. An end user is more likely to open a malicious attachment or click a link if it appears to come from a trusted source...

Security Research