Patch CVE-2023-23397 Immediately: What You Need To Know and Do

We break down the basic information of CVE-2023-23397, the zero-day, zero-touch vulnerability that was rated 9.8 on the Common Vulnerability Scoring System (CVSS) scale. Read More HERE…

Read more

S4x23 Review Part 3: Healthcare Cybersecurity Sessions

This article focuses on the healthcare sector. Over the past two years, the healthcare sector has been in a constant state of emergency due to the COVID-19 pandemic, and as widely reported in the media, it has also been threatened by cyberattacks such as ransomware. Read More HERE…

Read more

S4x23 Review Part 2: Evolving Energy Cybersecurity

In this second report on S4x23 held last February, this article introduces the discussion on cyber security in the energy industry, which was one of the topics that attracted attention. Read More HERE…

Read more

Examining Ransomware Payments From a Data-Science Lens

In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups’ ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.” Read More HERE…

Read more

S4x23 Review Part 1: What’s New in OT Security

This blog introduces discussions from S4x23, the ICS security conference in Miami over several posts. The first installment will cover two topics from the academic interviews. Read More HERE…

Read more

Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks

In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups’ targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.” Read More HERE…

Read more

Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting

We detail the update that advanced persistent threat (APT) group Iron Tiger made on the custom malware family SysUpdate. In this version, we also found components that enable the malware to compromise Linux systems. Read More HERE…

Read more