Threat Intelligence Feeds for Better DDoS Protection DDoS (distributed denial of service) attacks have become a major threat to a huge variety of businesses, from the smallest… Shani Czyzyk | March 22, 2023
Dependency Confusion Attacks In recent years, there has been a significant increase in the number of software supply chain attacks. These attacks target… Pascal Geenens | February 13, 2023
What is Card Testing? Card testing, also known as card checking, is a form of fraud where criminals try to determine if stolen credit… Daniel Smith | February 9, 2023
Bots Are Now Robocalling to Phish For Your Two-Factor Authentication (2FA) Codes Phishing for 2FA codes is the latest in specialized bots that make it easier and quicker for fraudsters to fool… Neetu Singh | February 1, 2023
Exploring Killnet’s Social Circles It is not common for analysts to have the opportunity to study the social circles of criminal organizations, but occasionally… Daniel Smith | January 27, 2023
The LinkedIn Data Scraping Verdict — and Its Reversal In October of last year, a ruling against LinkedIn by The United States Court of Appeals for the Ninth District… Richard Arneson | December 12, 2022
What is the W4SP Information Stealer? Since mid-October, W4SP malware is attacking software supply chains; in this case, it's using Python packages to launch an information… Richard Arneson | December 1, 2022
Credential Access via Information Stealers Throughout 2022, the theft of user credentials continued to blanket the threat landscape. A recent example that illustrates both the… Daniel Smith | November 18, 2022
OpenSSL CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows After a week of speculation about OpenSSL vulnerabilities, the OpenSSL project disclosed two new CVEs to address buffer overrun vulnerabilities… Pascal Geenens | November 2, 2022
This was H1 2022: Part 3 – Beyond the War Being caught up in all the events and media attention stemming from the Russo-Ukrainian conflict, one could forget that there… Pascal Geenens | August 18, 2022
The Return of LOIC, HOIC, HULK, and Slowloris to the Threat Landscape In June 2021, I wrote a blog questioning if decade-old denial-of-service tools were still relevant. At the time, I had… Daniel Smith | August 16, 2022
This was H1 2022: Part 2 – Cyber War On February 24, 2022, news broke that Russia had initiated its special military operation against Ukraine. That date, which marked… Pascal Geenens | August 12, 2022