Attack Surface Management 2022 Midyear Review Part 3

In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. Read More HERE…

Read more

Attack Surface Management 2022 Midyear Review Part 2

In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. Read More HERE…

Read more

Threat Actors Target AWS EC2 Workloads to Steal Credentials

We found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) Workloads’ access keys and tokens via typosquatting and the abuse of legitimate tools. Read More HERE…

Read more

Attack Surface Management 2022 Midyear Review Part 1

In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. Read More HERE…

Read more

Security Breaks: TeamTNT’s DockerHub Credentials Leak

One of our honeypots based on exposed Docker REST APIs showed cybercriminal group TeamTNT’s potential attack scenario and leak of container registry credentials for docker-abuse malware. The full version of this research will be presented at the c0c0n XV Hacking and Cyber Security Conference in September 2022. Read More HERE…

Read more

Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows. Read More HERE…

Read more

Oil and Gas Cybersecurity: Recommendations Part 3

In the final part of our series, we look at the APT33 case study and several recommendations from our expert team. Read More HERE…

Read more