News • Insights • Analysis
Trojanized open-source software is tricky to spot. This is because it takes on the façade of legitimate, non-malicious software, making it especially stealthy and useful for targeted attacks. However, a closer investigation can reveal suspicious behavior that exposes their malicious Read More …
The source code for the widely-used Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository. Cobalt Strike is a legitimate penetration testing toolkit that allows attackers to deploy “beacons” on compromised devices to remotely “create shells, Read More …
French IT services giant Sopra Steria suffered a cyberattack on October 20th, 2020, that reportedly encrypted portions of their network with the Ryuk ransomware. Sopra Steria is a European information technology company with 46,000 employees in 25 countries worldwide. The Read More …
In an article published in May 2018, Kaspersky ICS-CERT described their approaches to searching for vulnerabilities in industrial systems based on the OPC UA protocol. Two years later, the issue of ensuring the security of industrial systems based on that Read More …
The source code for Windows XP SP1 and other versions of the operating system was allegedly leaked online today. The leaker claims to have spent the last two months compiling a collection of leaked Microsoft source code. This 43GB collection Read More …
Leading government technology services provider Tyler Technologies has suffered a ransomware attack that has disrupted its operations. Tyler Technologies is one of the largest U.S. software development and technology services companies dedicated to the public sector. With a forecasted $1.2 Read More …
The ever-increasing demands on IT infrastructures and the rise of continuous integration and continuous deployment (CI/CD) pipelines have pushed the need for consistent and scalable automation. This is where infrastructure as code (IaC) comes into play. IaC is the provisioning, configuring, Read More …
When a legacy protocol is connected via Ethernet, and subsequently to the internet, security issues arise. Standard Commands for Programmable Instruments (SCPI) is a legacy protocol that many advanced measurement instruments support. It can be issued via General Purpose Interface Read More …
Russian authorities have moved closer to implementing their plan of replacing the Windows OS on military systems with a locally-developed operating system named Astra Linux. Last month, the Russian Federal Service for Technical and Export Control (FSTEC) granted Astra Linux the Read More …
At the RSA security conference today, the National Security Agency, released Ghidra, a free software reverse engineering tool that the agency had been using internally for well over a decade. The tool is ideal for software engineers, but will be Read More …
