Cyber Threat Intelligence Report: UK Further and Higher Education Sectors
The UK Further and Higher Education sectors are increasingly becoming targets for cyber-attacks. These attacks range from opportunistic ransomware operations to more sophisticated Advanced Persistent Threat (APT) groups. This report…
Nokia 2023 Threat Intelligence Report
In the recently released “Threat Intelligence Report 2023” by Nokia, the company provides an in-depth analysis of the current cybersecurity landscape, particularly focusing on telecom networks and customer data. The…
Risks Associated with Managed File Transfer (MFT) Solutions
Managed File Transfer (MFT) solutions are essential tools for businesses to securely transfer sensitive data. However, like any software, they can be vulnerable to exploits if not properly managed and…
Investigating SMS phishing text messages from scratch – A great share from @BushidoToken
Online and at conferences, people ask me how to get started in threat intel. What I usually offer as advice to budding analysts starting out is to practise analysing things…
Analysis of Evasive Panda APT Group’s Recent Activities
The Evasive Panda Advanced Persistent Threat (APT) group, also known as BRONZE HIGHLAND and Daggerfly, has been active since at least 2012. This Chinese-speaking APT group has been conducting cyberespionage…
TIR : Weekly Threat Intelligence News Digest
Weekly Digest: Other Cybersecurity News In addition to the articles from Threat Intelligence Report, there have been several other significant developments in the world of cybersecurity over the past week:
Understanding and Mitigating Insider Threats: A Comprehensive Approach
Insider threats are a significant cybersecurity risk that originates from within an organisation. These threats can come from current or former employees, contractors, or anyone else with intimate knowledge of…
Threat Actor Profile: APT30
APT30, also known as APT-C-30, is a China-based cyber espionage group that has been active since at least 2005. The group has targeted multiple industries, including the aerospace, government, defense,…
Insecure Direct Object References (IDOR): A Deep Dive into the #1 Vulnerability Found by Penetration Testers in 2023
Insecure Direct Object References (IDOR) vulnerabilities have been a consistent thorn in the side of web application security. In 2023, it was identified as the top vulnerability discovered by penetration…
Top 10 Vulnerabilities and Misconfigurations Found by Pen Testers in 2023
In the ever-evolving landscape of cybersecurity, it is crucial to stay updated with the latest vulnerabilities and misconfigurations that threat actors exploit. This article provides a detailed overview of the…