Havoc framework - Cyber Security Review

Havoc framework - Cyber Security Review

Sophisticated supply chain attack exploited TrueConf update process

Posted onApril 2, 2026April 3, 2026

Southeast Asian governments were recently targeted by a highly sophisticated supply chain attack as part of a wider cyber-espionage campaign, which experts believe is the work of the Chinese government. Security researchers Check Point detailed their findings on Operation TrueChaos, Read More …

Havoc: SharePoint with Microsoft Graph API turns into FUD C2

Posted onMarch 3, 2025March 4, 2025

Havoc is a powerful command-and-control (C2) framework. Like other well-known C2 frameworks, such as Cobalt Strike, Silver, and Winos4.0, Havoc has been used in threat campaigns to gain full control over the target. Additionally, It is open-source and available on Read More …

Wreaking havoc in cyberspace: threat actors experiment with pentest tools

Posted onOctober 8, 2024October 8, 2024

In recent months, adversaries have increasingly opted for the Havoc post‑exploitation framework. The tool is less popular compared to Cobalt Strike, Metasploit, and Sliver. According to BI.ZONE Threat Intelligence, this C2 framework is employed in an attempt to evade cybersecurity Read More …

Loki: a new private agent for the popular Mythic framework

Posted onSeptember 9, 2024September 9, 2024

In July 2024, Kaspersky researchers discovered the previously unknown Loki backdoor, which was used in a series of targeted attacks. By analyzing the malicious file and open sources, we determined that Loki is a private version of an agent for the Read More …

LATEST ARTICLES

THE STRATEGIC IMPORTANCE OF DIGITAL SOVEREIGNTY IN 2026
By Alexandre Grellier, CEO, Drooms
Cyber Security Review online – May 2026

A BEGINNER’S ROADMAP: HOW TO START YOUR AI SOC AGENT IMPLEMENTATION
By Kirsten Doyle
Cyber Security Review online – November 2025

THE PEOPLE BEHIND THE PIXELS: WHY CYBERSECURITY IN CRITICAL INDUSTRIES IS MORE HUMAN THAN EVER
Cyber Security Review online – July 2025

HOW TO MAXIMIZE EXCHANGE SERVER UPTIME? - SOME BEST PRACTICES
Cyber Security Review online – June 2025

KEY METRICS TO TRACK WHEN IMPLEMENTING AI IN YOUR SOC
By Josh Breaker-Rolfe
Cyber Security Review online – December 2024

ACHIEVING DATA SECURITY RESILIENCE WITH DSPM TOOLS
By Katrina Thompson
Cyber Security Review online – November 2024

CYBER SECURITY IN CRITICAL INDUSTRIES: CHALLENGES, SOLUTIONS, AND THE ROAD AHEAD
Cyber Security Review online – August 2024

HOW TO ENGAGE YOUR EMPLOYEES IN SECURITY AWARENESS TRAINING
Cyber Security Review online – April 2024

WHY IMMINENT SEC CYBER RULE CHANGES MEANS CYBER SECURITY LEADERSHIP MUST COME FROM THE VERY TOP
By Miguel Clarke, GRC and Cyber Security lead for Armor Defense
Cyber Security Review online – November 2023

WHAT COULD YOU DO IF YOU KNEW HOW EVERY PIECE OF DATA WAS BEING USED?
By Ross Moore, Cyber Security Support Analyst with Passageways
Cyber Security Review online – October 2023

A BRIEF HISTORY OF DATA LOSS PREVENTION
Cyber Security Review online – July 2023

THE 5 ESSENTIAL CYBERSECURITY AWARENESS TRAINING TIPS FOR A MORE SECURE ENVIRONMENT
Cyber Security Review online – June 2023

THE 8-STEP COMPREHENSIVE CHECKLIST FOR APPLICATION SECURITY IN 2023
Cyber Security Review online – April 2023

THE NETWORK SECURITY CHALLENGE:
Improving Visibility to Defend Against Cyberthreats
By Kev Eley, Vice President Sales UK and Europe at LogRhythm

SWEDEN LAUNCHES EUROPE’S MOST ADVANCED HUB FOR AUTOMOTIVE CYBER SECURITY
Research Institute engages ethical hackers and the latest research in cyber technology to combat spiraling threats to connected vehicles