The updated ISO 27002 adds 11 new controls spanning a range of security services, including the addition of threat intelligence control 5.7. The ISO 27000 series is an industry standard that has long defined and dictated base-level requirements for organizations’ information security management systems (ISMS). Through more than a dozen...

In modern cybersecurity, it's not just about what's inside your network—it's about what's exposed to the outside world. With the proliferation of cloud services, third-party integrations, and remote work setups, your organization's external attack surface has grown exponentially. Traditional security measures often struggle to keep up with this sprawl, leaving...

Meet “Sodinokibi” this month, the threat group behind the eponymous Sodinokibi ransomware, also known as “REvil”, to understand their tactics and how you can better secure your system from this threat Threat actor profile: Sodinokibi Image 1: Screenshot of Sodinokibi’s profile from our Threat Context module Known Aliases Sodin REvil Gold...

A critical vulnerability was discovered in current versions of OpenSSL affecting almost every organization. A fix is now out since 1 November. Learn more about the vulnerabilities and what to do if you have been impacted. What you need to know OpenSSL is a software library widely used by companies...

Meet Guacamaya – a hacktivist group advocating for the indigenous people of Central America Threat actor profile: Guacamaya Image 1: Screenshot of Guacamaya’s profile from the Threat Context module Known Aliases alina weichafe Guacamaya Key points Guacamaya is a hacktivist group acting in defense of the abuse performed on the territory...

Since its inception almost a decade ago and the MirrorBlast campaign, the threat actor group known as TA505 has continued to plague the financial, retail and restaurant sectors. Learn more about the GraceWrapper post-exploitation enabler and how its detection evasion technique works. Be it selling compromised network access to malware...

Pen Testing solutions to empower businesses to proactively address application security vulnerabilities amid surging threats CHICAGO, October 11, 2022 – Today, Outpost24 announced the introduction of its Penetration Testing as a Service (PTaaS) solutions to the North American market to better empower businesses to understand and address threats in their...

Meet Shathak – a threat group tied to malware used in the Russian-speaking underground targeting enterprises across different sectors in the Americas, Europe and Asia Threat actor profile: Shathak Image 1: Screenshot of Shathak’s profile from the Threat Context module Known Aliases TA551 Shathak GOLD CABIN Monster Libra ATK236 G0127 Key...

Organizations are rapidly moving towards web-based applications and services to run their business and connect with customers. From eCommerce platforms and customer portals to internal tools and APIs, web apps power essential services across every industry. But with this growing reliance comes a growing risk: cybercriminals are increasingly targeting web...

The Hive Gang is a Ransomware as a Service (RaaS) providers first identified in June 2021. Although relatively new, their aggressive tactics and ever evolving malware variants have made them one of the most successful RaaS groups of its kind. Find out how the group has risen through the ranks...