ServiceNow Data Leak: Risks of Misconfigured Knowledge Bases
Blog ServiceNow Data Leak The ServiceNow Knowledge Base (KB) leak exposed sensitive corporate data from over 1,000 instances of the platform, largely due to misconfigured access controls. These KBs, used to store critical corporate data like PII, system credentials, and internal processes, were inadvertently exposed, giving unauthorized users access via public widgets. This widespread misconfiguration highlights ongoing […]
Digital War in the Middle East: Cyber Threats in Israel-Iran Conflict
Blog Digital War in the Middle East: Cyber Threats in Israel-Iran Conflict During the past few years, the chronic military and political dimensions of the conflict between Israel and Iran have progressively taken on aspects of cyber warfare. This new battle arena involves state-sponsored groups and hacktivists targeting both countries’ critical infrastructure, financial systems, and […]
Unmasking AzzaSec: A Closer Look
Blog In recent years, the cybersecurity landscape has witnessed the emergence of a new and formidable threat group known as AzzaSec. Founded on February 28, 2024, AzzaSec quickly gained notoriety for its hacktivist and financially motivated activities. This group, originating from Italy, has rapidly expanded its influence across Europe and beyond, collaborating with other notorious […]
Securing the Games: Cyber Strategies for Paris Olympics 2024
Blog Securing the Games: Cyber Strategies for Paris Olympics 2024 The Paris Olympics 2024 will be a landmark event, attracting athletes and visitors from around the globe. However, this grandeur also brings a significant cybersecurity challenge, with cybercriminals and hostile nations poised to target the event. This blog explores the cybersecurity threats facing the Paris Olympics 2024, […]
Hunter’s Lens: Russian Influence Operations Targeting the Paris Olympics 2024
Blog The Russian influence operations aimed at the Paris Olympics 2024 The Russian influence operations aimed at the Paris Olympics 2024 differ in a number of meaningful ways from earlier campaigns, revealing a major evolution in tactics, technology, and strategic focus of the disinformation machine. It now looks more like a holistic, multihead hydra in an effort […]
From Code to Threat Intel: How GitHub Monitoring Enhances Security Postures
Blog From Code to Threat Intel: How GitHub Monitoring Enhances Security Postures In today’s interconnected digital world, platforms like GitHub have become indispensable for developers. They enable seamless collaboration, effective version control, and streamlined continuous integration and deployment (CI/CD) processes. However, this accessibility and openness also make these platforms attractive targets for cybercriminals. These bad actors exploit […]
APT44: The Famous Sandworm of Russia
Blog Introduction APT44 is also known as Sandworm, FROZENBARENTS, Seashell, Quedagh, VOODOO BEAR, and TEMP.Noble, IRON VIKING, G0034, ELECTRUM, TeleBots, IRIDIUM, Blue Echidna, Sandworm Team, Sandworm, CTG-7263, ATK 14, BE2, UAC-0082, and UAC-0113. Research indicates that the group emerged in 2009. This group is attributed by many governments to Unit 74455 of the Main Centre […]
Axiom APT Group
Blog Introduction Axiom APT Group, known as Group 72, originates from China and has been conducting sophisticated, persistent threat attacks since 2008. These attacks are characterized by a complex and sustained attempt to infiltrate targeted institutions, organizations, or systems. Target and Sectoral Focus Since 2008, Axiom has conducted advanced attacks on several government agencies and […]
Iran-Based APTs
Blog Delve into Iran-based APTs, exploring their cyber strategies, targeted sectors, and the implications for global cybersecurity. APT33 APT33 is a group of APTs also known as Elfin, MAGNALLIUM, Refined Kitten, HOLMIUM, COBALT TRINITY, G0064, ATK35, ATK 35, TA451, Magnallium and APT33. This group was first spotted in 2013 and is known to be based […]
Lotus Panda: China’s Cyber Power
Blog Introduction Discovered in 2010 and originating from China, Lotus Panda is an APT group also known as Spring Dragon, ST Group, DRAGONFISH, BRONZE ELGIN, and many others. Target and Sectoral Focus Lotus Panda is targeting a wide geography in the Asia-Pacific region and the United States. In particular, countries such as Australia, Brunei, Cambodia, […]