EHA
How Network Detection & Response (NDR) Technology is Used Against Cyber Threats

NDR solutions are becoming indispensable for many organizations in their security architecture due to how they handle threats. They are proactive web security tools for handling threats, as they don't wait for a breach...
Russian Threat Actor “farnetwork” Linked With 5 Ransomware Strains

In March 2023, the cybersecurity landscape witnessed a significant revelation as Group-IB's Threat Intelligence team delved into the clandestine world of farnetwork, an elusive threat actor linked to five notorious ransomware strains.  Farnetwork, also known...
SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT

SideCopy, the Pakistan-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities and deliver multiple RATs (Remote Access Trojans) such as AllaKore RAT, Ares RAT, and DRat. The threat actor has...
What is Crowdsourced Threat Intelligence?

Threat intelligence is essential for cybersecurity, as it provides organizations with a clear view of the current threat landscape and enables them to adapt their defenses accordingly. While there are many ways to gather...
Within 5 Minutes, Hackers Were Able to Get AWS Credentials From GitHub

Recent reports indicate that a new campaign under the name EleKtra-Leak has been identified to target AWS IAM (Identity and Access Management) credentials within minutes of their public exposure on GitHub. This is done...
Threat Actors Actively Exploiting Cisco IOS XE Zero-day Vulnerability

Threat actors exploit zero-day vulnerabilities because these flaws are unknown to the software developers, making them highly effective for launching attacks.  Exploiting zero-days allows malicious actors to bypass security measures and gain unauthorized access or...
EtherHiding: A Novel Technique to Hide Malicious Code Using Binance’s Smart Chain

Threat actors have employed a new technique named “EtherHiding” to distribute malicious code. It abuses Binance's Smart Chain (BSC) contracts to host parts of a malicious code chain, hiding them inside the blockchain. To...
Telegram, AWS, and Alibaba Cloud Users Targeted in Latest Supply Chain Attack

A new supply-chain attack, active throughout September 2023, has been discovered in which threat actors used typosquatting and starjacking techniques to lure developers using Alibaba Cloud services, AWS, and Telegram into downloading...
Webwyrm Malware Affects More Than 100,000 Users in 50 Countries

Threat actors are evolving their Tactics, Techniques, and Procedures (TTPs) at an alarming rate.  With technological advancements and increased awareness of cybersecurity measures, they continually adapt to exploit vulnerabilities and enhance their attack success rates. Webwyrm,...
Threat Actors Employ Remote Admin Tools to Gain Access over Corporate Networks

Recently, threat actors have adapted tactics, exploiting the appeal of banned apps in specific regions, making users more susceptible to cyberattacks through cleverly crafted campaigns. In a recent campaign, Chinese users were lured with a...
