Goodfellas, the Brazilian carding scene is after you
There are three ways of doing things in the malware business: the right way, the wrong way and the way Brazilians do it. From...
Centrify for NIST 800-171 MFA Compliance
I often speak with Federal System Integrators (FSIs) who need to implement Multi-Factor Authentication (MFA) as part of their NIST 800-171 compliance.
Specifically section 3.5.3...
OT Cybersecurity – Securing Your Industrial Operations for Reliability and Uptime
OT Cybersecurity - Securing Your Industrial Operations for Reliability and Uptime #outlook...
A Deep Dive into Database Attacks [Part III]: Why Scarlett Johansson’s Picture Got My...
As part of Imperva’s efforts to protect our customers’ data, we have an ongoing research project focused on analyzing and sharing different attack methods...
Time of death? A therapeutic postmortem of connected medicine
#TheSAS2017 presentation: Smart Medicine Breaches Its “First Do No Harm” Principle
At last year’s Security Analyst Summit 2017 we predicted that medical networks would be...
SEC Clarification: Companies Must Disclose Breaches
In late February, the U.S. Security and Exchange Commission (SEC) issued new cybersecurity guidance in the form of an “interpretive release.” According to the...
Somebody’s watching! When cameras are more than just ‘smart’
Every year the number of smart devices grows. Coffee machines, bracelets, fridges, cars and loads of other useful gadgets have now gone smart. We...
Masha and these Bears
Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a prolific, well resourced, and persistent adversary. They are sometimes portrayed as wild...
The Slingshot APT FAQ
While analysing an incident which involved a suspected keylogger, we identified a malicious library able to interact with a virtual file system, which is...
Latest article
Top 10 Best Malware Sandbox Tools for Security Teams in 2026
The cybersecurity landscape in 2026 is defined by unprecedented sophistication. Threat actors are leveraging generative AI, highly evasive polymorphic code, and zero-day exploits to...
CVE-2025-68768 inet: frags: flush pending skbs in fqdir_pre_exit()
Information published. - Read more
Google leaks details for Chromium bug that can turn browsers into bots
Chromium — the open-source browser that underpins Google Chrome, Microsoft Edge, and Opera, among others — contains an unpatched vulnerability...
Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
A hacker group known as INJ3CTOR3 has been running an active campaign against FreePBX systems, deploying a newly discovered PHP webshell called JOMANGY that...
