Sometimes there’s more than just an enticing product offer hiding behind an ad
WhatsUp Gold gives a user visbility into applications, network devices and servers. To do this, it requires a lot of credentials, making it a good target for attackers. While tracing out some...
Thorchain is a cross chain bridging platform with DeFi elements. In the Thorchain router on EVM, there is a call made to an arbitrary contract with a low level call. If this fails, then an ETH...
Cross chain bridging platforms require on-chain and off-chain components. For Ethereum, the common practice is emitting an event in the EVM, which will be processed off-chain. After the processing...
Roundcube is an open source webmail software that enables users to check emails in their browser. Many government agencies use it, making it a good target for exploitation. Naturally, the biggest...
Researchers discovered a new attack exploiting the CVE-2023-22527. The attack uses an in-memory fileless backdoor, known as the Godzilla webshell. The Godzilla backdoor uses AES encryption for...
ZKSync was launching the Aave V3 pool on their chain. While activating this they noticed a major bug. The bug only happened after a complex flow of supplying and borrowing assets. Since things...
Research report benchmarks vendor innovation and growth performance in CSPM.
an image of a blue square with the embedded text "Google" and "Threat Analysis Group"
For over a year, a persistent malware campaign has been targeting Roblox developers through malicious NPM packages. By mimicking the popular “noblox.js” library, attackers have published dozens of...
Wi-Fi Hacking is much easier than most people think and the way to achieve it is some common techniques that most hackers use. With a few simple steps, the average user can protect their home router…
Explore 2024 Check Fraud Report: Rising U.S. fraud trends, geographic hotspots, and threat actors, with insights from Telegram data.
The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become
Demystifying CVE-2024-7262 and CVE-2024-7263
We are thrilled to announce our latest development for our integration of Recorded Future with Google Security Operations, also known as Security Operations (Formerly known as Google Chronicle).
The critical vulnerability CVE-2023-22527 is being actively exploited for cryptojacking activities, turning affected Confluence Data Center and Server instances into cryptomining networks....
USDC is one of the biggest assets in crypto by usage and TVL. Circle, the owners of USDC, created the protocol Cross Chain Transfer Protocol (CCTP). Although this is a general message passing...
In the digital graveyard, a new threat stirs: Out-of-support devices becoming thralls of malicious actors
As a precursory, I really don't like how this article is written. It takes more time to hype up the bug and the companies work than actually explain the vulnerability. Additionally, the...
The world of Android threats is quite vast and intriguing. In this episode, Becks and Lukáš demonstrate how easy it is to take over your phone, with some added tips on how to stay secure
Key Takeaways In December 2023, we observed an intrusion that started with the execution of a Cobalt Strike beacon and ended in the deployment of BlackSuit ransomware. The threat actor … Read More
In July 2024, the software supply chain security landscape faced unprecedented challenges, marked by sophisticated attacks from state-sponsored actors and organized cybercriminal groups. North...
Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security
The threat actor group Bling Libra (behind ShinyHunters ransomware) has been observed infiltrating an organization's Amazon Web Services (AWS) environment, focusing on extortion rather than...
Attackers can take advantage of a quirk of the default AWS configuration (without SourceIdentity configured) to potentially make detecting and attributing their actions more difficult.
Android malware discovered by ESET Research relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM
This case study serves to highlight the importance of rapid, heuristic, accurate, and contextualized detection and response in the cloud.
Should the payment of a ransomware demand be illegal? Should it be regulated in some way? These questions are some examples of the legal minefield that cybersecurity teams must deal with
The authors of the post were trying to find SSRF bugs within Microsoft Copilot after finding 2 but recently patched bugs. They found that when providing key phrases it was possible to trigger an...
Welcome to the Threat Context monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber Threat...