IT threat evolution Q1 2018. Statistics
Q1 figures
According to KSN:
Kaspersky Lab solutions blocked 796,806,112 attacks launched from online resources located in 194 countries across the globe.
282,807,433 unique URLs were...
OPC UA security analysis
This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to...
How to Operationalize the Zero Trust Security Pillar ‘Limit Access & Privilege’ with ServiceNow
An easy way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even...
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018
June 4th – 7th | National Harbor, MD
- Read more
SynAck targeted ransomware uses the Doppelgänging technique
The Process Doppelgänging technique was first presented in December 2017 at the BlackHat conference. Since the presentation several threat actors have started using this...
World Password Day – 5 Facts About Weak Credentials
Happy World Password Day!
Ok, I’ll admit until a few days ago, I wasn’t aware this was a thing. As with most events in my...
Who’s who in the Zoo
ZooPark is a cyberespionage operation that has been focusing on Middle Eastern targets since at least June 2015. The threat actors behind the operation...
Insights from the Verizon 2018 Data Breach Investigation Report
The 2018 Verizon Data Breach Investigation Report (DBIR) was published in early April, reporting on 53,308 security incidents and 2,216 data breaches from 67...
Latest article
CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection
Information published. - Read more
Microsoft Exchange, Windows 11, and Cursor Zero-Days Exploited on Pwn2Own Day 2
Pwn2Own Berlin 2026 is rapidly escalating into one of the most intense offensive security contests in recent years, with Day Two delivering a fresh...
CVE-2026-42945: Imperva Customers Protected Against Critical NGINX Rewrite Module Vulnerability
TL;DR: Researchers recently disclosed CVE-2026-42945, a critical heap-based buffer overflow vulnerability affecting both NGINX Open Source and NGINX Plus. The flaw exists within the...
Expired domain leads to supply chain attack on node-ipc npm package
A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The...
