IT Security FAQ 5: What is White Hat vs Black Hat hacking? And what is a bug bounty hunter/program?
Comparing White Hat to Black Hat hacking is kind of like comparing the good guys to the bad guys. White Hat hackers look for vulnerabilities…
Month: May 2023
npm packages hide TurkoRAT malware in what looks like a NodeJS EXE
Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead drops a sinister trojan. These…
SIM Swapping Technique to Gain Access to Azure Machines
Researchers uncovered a financially motivated threat group known as ‘UNC3944’ which employs phishing and SIM-swapping techniques to seize control of Microsoft Azure admin accounts. Enabling…
Meet ‘Jack’ from Romania! Mastermind Behind Golden Chickens Malware
The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a fatal operational security blunder, cybersecurity firm eSentire…
The Hacker-Powered Security Report 2018
“Crowdsourced security testing is rapidly approaching critical mass, and ongoing adoption and uptake by buyers is expected to be rapid…” – Gartner Emerging Technology Analysis:…
How to Improve Your WordPress Security: Plugins and Themes
A clean WordPress installation is not much fun, but plugins and themes can have security issues that should not be ignored. In this blog post,…
The Underground History of Turla, Russia’s Most Ingenious Hacker Group
Ask Western cybersecurity intelligence analysts who their “favorite” group of foreign state-sponsored hackers is—the adversary they can’t help but grudgingly admire and obsessively study—and most…
Zomato’s First Anniversary with Bug Bounties: Q&A with Security Lead, Prateek Tiwari
Headquartered in India – restaurant discovery, online ordering and table reservations platform Zomato currently operates in 24 countries; including the United States, Australia, United Kingdom,…
WordPress Security – Detectify Blog
WordPress is amazing, we can’t argue with that. It’s efficient, powerful, and functional. However, given that it is the most popular Content Management System (CMS)…
Beware! CapCut Phishing Website Scams Target Video Editors
As the popularity of the CapCut video editing tool continues to soar, with over 200 million monthly active users in the US alone, threat actors…
Sumo Logic Penetration Testing Case Study
Secrecy has been a trademark of security culture for decades. Companies like cloud-based log management and analytics company Sumo Logic are choosing transparency. Subject to…
Notorious Cyber Gang FIN7 Returns Cl0p Ransomware in New Wave of Attacks
May 20, 2023Ravie LakshmananCyber Crime / Ransomware The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat…