Latest
Attacks & Breaches
ZCryptor Ransomware Attacks Targeting VMware Systems
The Italian National Cybersecurity Agency (ACN) has sounded the alarm on a new ransomware threat that is targeting unpatched VMware systems. The ransomware, called ZCryptor, encrypts users' files and demands payment for the data to be unencrypted. Many businesses across Italy...
Articles
The Evolution of Pentest Frameworks: From Past to Present
Introduction
The importance of penetration testing in cybersecurity
Penetration testing plays a crucial role in cybersecurity for several reasons:
Identifying Vulnerabilities: A pentest helps security professionals identify vulnerabilities in their systems before malicious actors can exploit them. By discovering these weaknesses, organizations can prioritize...
Attacks & Breaches
Chinese Hacking Group Linked to Zero-Day Exploitation of Fortinet FortiOS Security Flaw
Threat intelligence firm Mandiant has attributed the zero-day exploitation of a medium-severity security flaw in the Fortinet FortiOS operating system to a suspected Chinese hacking group.
The group, identified as UNC3886, is part of a broader campaign designed to deploy backdoors...
Articles
Attacks & Breaches
Attacks & Breaches
Pierce Transit Falls Victim to LockBit Ransomware Attack
The Pierce County Public Transportation Benefit Area Corporation (Pierce Transit), a public transit operator in Washington state, has recently become a victim of a cyberattack using LockBit ransomware.
The attack, which began on February 14, 2023, forced Pierce Transit to implement...
Attacks & Breaches
Dish Network Confirms Ransomware Attack and Data Breach
Dish Network, the American satellite broadcast provider, has recently admitted that the outage that occurred on February 24, 2023, was caused by a ransomware attack. The company initially kept quiet about the rumors of the attack, but has now confirmed it...
Attacks & Breaches
Malware Alert: Law Firms Targeted by GootLoader and SocGholish
The Menace of GootLoader and SocGholish Malware Strains
In January and February 2023, six different law firms were attacked by two distinct threat campaigns, which unleashed GootLoader and FakeUpdates (aka SocGholish) malware strains.
GootLoader: The Capable First-Stage Downloader
GootLoader, active since late...
Attacks & Breaches
Dole Food Company Hit by Ransomware Attack, Temporarily Halts Operations
Dole Food Company, one of the largest fruit and vegetable producers in the world, has recently disclosed that it was hit by a ransomware attack that caused a temporary shutdown of its production plants and disrupted food supplies to several US...
News
New wave of PlugX RAT attacks masquerading as Windows debugger tool
Cybersecurity experts have identified a new wave of attacks aimed at distributing the PlugX remote access trojan. In this campaign, the trojan is disguised as an open-source Windows debugger tool called x32dbg, which is a legitimate software application that enables users...
Popular
Five Penetration Testing Frameworks and Methodologies
Pentesting aims to evaluate information security measures through the eyes of a potential attacker with the aim of testing the effectiveness of security controls.
A security practitioner tasked with penetration...
Defense in Depth – The Layered Approach to Cybersecurity
Defense In Depth is a common terminology in modern-day cybersecurity practices. It is a strategy that employs a series of mechanisms, also known as controls, to stop an attack...
How to Become a Cybersecurity Expert
Cybersecurity has become increasingly popular in the last decade. It has seen great interest from technical and non-technical people wanting to take their opportunity in the field.
Security breaches...
Learning Resources
How to Become a Cybersecurity Expert
Cybersecurity has become increasingly popular in the last decade. It has seen great interest from technical and non-technical people wanting to take their opportunity in the field.
Security breaches...
A List of Tools to Help you Detect the Log4j Vulnerability
How can you detect the Log4j zero day vulnerability (known as Log4shell)? Here’s a list of FREE Log4j vulnerability scanner tools.
Amazon Inspector and AWS
The Amazon Inspector team has created coverage for...
Find Information About a Person on Instagram with OSINTgram
OSINT or "Open Source INTeligence" plays a critical role in the field of cybersecurity. It can be used by your company to boost your company's defenses or as a...
Penetration Testing
Five Penetration Testing Frameworks and Methodologies
Pentesting aims to evaluate information security measures through the eyes of a potential attacker with the aim of testing the effectiveness of security controls.
A security practitioner tasked with penetration...
A List of Tools to Help you Detect the Log4j Vulnerability
How can you detect the Log4j zero day vulnerability (known as Log4shell)? Here’s a list of FREE Log4j vulnerability scanner tools.
Amazon Inspector and AWS
The Amazon Inspector team has created coverage for...
Find Information About a Person on Instagram with OSINTgram
OSINT or "Open Source INTeligence" plays a critical role in the field of cybersecurity. It can be used by your company to boost your company's defenses or as a...