EncryptHub, a rising cybercriminal entity, has recently caught the attention of multiple threat intelligence teams, including our own (Outpost24’s KrakenLabs). While other reports have begun to shed light on this actor's operations, our investigation goes a step further, uncovering previously unseen aspects of their infrastructure, tooling, and behavioral patterns.  Through...

An integrated attack surface management (ASM) and Pen Testing as a Service (PTaaS) solution that enables organizations to implement a flexible and comprehensive application security strategy.  Today, Outpost24 is excited to announce the launch of its new CyberFlex solution, a flexible combination of ASM and PTaaS. With two-thirds of organizations...

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. The key focuses this month are on the threat groups Black Basta and M_A_G_A, plus plenty more observed highlights from...

Security through obscurity is based on the idea that if attackers don’t know how a system works or even if it exists, they’ll have a harder time breaching it. Despite repeatedly broken implementations and lacking support from standards bodies, this concept continues to be widely used. Secret doesn’t always mean...

In the context of penetration (pen) testing, false positives are where the testing tools or methods identify a security vulnerability or issue that doesn’t actually exist. Essentially, a false alarm. This can happen for a few reasons, such as misconfigurations in the testing tools, incorrect assumptions, or environmental factors. False...

On January 14th, 2025, Belsen Group emerged in the underground forum Breach Forums publishing a list of sensitive data extracted from vulnerable Fortinet FortiGate devices. Since then, they have expanded their malicious activities into acting as initial access brokers. Who are they and what do we know about them? In...

Starting a security program can be challenging for some organizations, especially running a mature program across a large business. Resourcing, lack of organization, and not having a clear remediation strategy are key aspects to the failure of some programs, which can all result in severe breaches of businesses. I’ll walk...

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from January. Threat actor of the month: Funksec ransomware “Funksec ransomware” is a threat...

On the crisp morning of December 13th, 2024, as the clock struck 09:59 CET, anticipation filled the air. Around the world, over 200 hackers from 100 teams were gearing up for Outpost24’s annual Capture the Flag (CTF) event, aptly named "json returns". Participants performed their final checkups, opened cans of...

Subdomain takeover is a serious risk for organizations with a large online presence (which is a lot of businesses in 2025!). A domain name is the starting point of your company’s online identity, encompassing the main and subsidiary websites—serving as the organization’s business card, storefront, and a central hub for...