Latest

ZCryptor Ransomware Attacks Targeting VMware Systems

The Italian National Cybersecurity Agency (ACN) has sounded the alarm on a new ransomware threat that is targeting unpatched VMware systems. The ransomware, called ZCryptor, encrypts users' files and demands payment for the data to be unencrypted. Many businesses across Italy...

The Evolution of Pentest Frameworks: From Past to Present

Introduction The importance of penetration testing in cybersecurity Penetration testing plays a crucial role in cybersecurity for several reasons: Identifying Vulnerabilities: A pentest helps security professionals identify vulnerabilities in their systems before malicious actors can exploit them. By discovering these weaknesses, organizations can prioritize...

Chinese Hacking Group Linked to Zero-Day Exploitation of Fortinet FortiOS Security Flaw

Threat intelligence firm Mandiant has attributed the zero-day exploitation of a medium-severity security flaw in the Fortinet FortiOS operating system to a suspected Chinese hacking group. The group, identified as UNC3886, is part of a broader campaign designed to deploy backdoors...

Articles

Attacks & Breaches

Pierce Transit Falls Victim to LockBit Ransomware Attack

The Pierce County Public Transportation Benefit Area Corporation (Pierce Transit), a public transit operator in Washington state, has recently become a victim of a cyberattack using LockBit ransomware. The attack, which began on February 14, 2023, forced Pierce Transit to implement...

Dish Network Confirms Ransomware Attack and Data Breach

Dish Network, the American satellite broadcast provider, has recently admitted that the outage that occurred on February 24, 2023, was caused by a ransomware attack. The company initially kept quiet about the rumors of the attack, but has now confirmed it...

Malware Alert: Law Firms Targeted by GootLoader and SocGholish

The Menace of GootLoader and SocGholish Malware Strains In January and February 2023, six different law firms were attacked by two distinct threat campaigns, which unleashed GootLoader and FakeUpdates (aka SocGholish) malware strains. GootLoader: The Capable First-Stage Downloader GootLoader, active since late...

Dole Food Company Hit by Ransomware Attack, Temporarily Halts Operations

Dole Food Company, one of the largest fruit and vegetable producers in the world, has recently disclosed that it was hit by a ransomware attack that caused a temporary shutdown of its production plants and disrupted food supplies to several US...

New wave of PlugX RAT attacks masquerading as Windows debugger tool

Cybersecurity experts have identified a new wave of attacks aimed at distributing the PlugX remote access trojan. In this campaign, the trojan is disguised as an open-source Windows debugger tool called x32dbg, which is a legitimate software application that enables users...

Popular

Five Penetration Testing Frameworks and Methodologies

Pentesting aims to evaluate information security measures through the eyes of a potential attacker with the aim of testing the effectiveness of security controls. A security practitioner tasked with penetration...

Defense in Depth – The Layered Approach to Cybersecurity

Defense In Depth is a common terminology in modern-day cybersecurity practices. It is a strategy that employs a series of mechanisms, also known as controls, to stop an attack...

How to Become a Cybersecurity Expert

Cybersecurity has become increasingly popular in the last decade. It has seen great interest from technical and non-technical people wanting to take their opportunity in the field. Security breaches...

Learning Resources

How to Become a Cybersecurity Expert

Cybersecurity has become increasingly popular in the last decade. It has seen great interest from technical and non-technical people wanting to take their opportunity in the field. Security breaches...

A List of Tools to Help you Detect the Log4j Vulnerability

How can you detect the Log4j zero day vulnerability (known as Log4shell)? Here’s a list of FREE Log4j vulnerability scanner tools. Amazon Inspector and AWS The Amazon Inspector team has created coverage for...

Find Information About a Person on Instagram with OSINTgram

OSINT or "Open Source INTeligence" plays a critical role in the field of cybersecurity. It can be used by your company to boost your company's defenses or as a...

Penetration Testing

Five Penetration Testing Frameworks and Methodologies

Pentesting aims to evaluate information security measures through the eyes of a potential attacker with the aim of testing the effectiveness of security controls. A security practitioner tasked with penetration...

A List of Tools to Help you Detect the Log4j Vulnerability

How can you detect the Log4j zero day vulnerability (known as Log4shell)? Here’s a list of FREE Log4j vulnerability scanner tools. Amazon Inspector and AWS The Amazon Inspector team has created coverage for...

Find Information About a Person on Instagram with OSINTgram

OSINT or "Open Source INTeligence" plays a critical role in the field of cybersecurity. It can be used by your company to boost your company's defenses or as a...