Using an outdated jQuery library can open up your web application to vulnerabilities. Read more to find out how to find and fix jQuery vulnerabilities. jQuery is among the oldest JavaScript libraries available online. It simplifies your coding and is used by countless websites. But there is an inherent danger...

Our annual Ransomware Report shares the latest trends and developments of the most active threat groups to help businesses better protect themselves Introduction The prevalence of ransomware attacks reached unprecedented levels in 2022. After closely monitoring the most active ransomware groups in the last year, the KrakenLabs research team at...

What are the most common cybersecurity threats facing your business? The 2023 Cyber Threat Landscape Study provides valuable threat intelligence to help you implement the appropriate security measures against real threats. The Outpost24 research team is sharing the results of the attack data from a network of honeypots deployed to...

In this article, we’ll look at Content Security Policy (CSP) through the eyes of a penetration tester. We will outline the advantages of CSP, explain why you should have it on your site, and share some common misconfigurations that can be exploited, along with the relevant bypass scenarios. What is...

In light of the numerous large-scale cyberattacks witnessed in the last year, 2023 promises to be an exciting time for cybersecurity. Outpost24 experts share their thoughts on what we can expect in the new year, and how to best prepare against new threats. Remote working is dead. Long live hybrid...

The updated ISO 27002 adds 11 new controls spanning a range of security services, including the addition of threat intelligence control 5.7. The ISO 27000 series is an industry standard that has long defined and dictated base-level requirements for organizations’ information security management systems (ISMS). Through more than a dozen...

In modern cybersecurity, it's not just about what's inside your network—it's about what's exposed to the outside world. With the proliferation of cloud services, third-party integrations, and remote work setups, your organization's external attack surface has grown exponentially. Traditional security measures often struggle to keep up with this sprawl, leaving...

Meet “Sodinokibi” this month, the threat group behind the eponymous Sodinokibi ransomware, also known as “REvil”, to understand their tactics and how you can better secure your system from this threat Threat actor profile: Sodinokibi Image 1: Screenshot of Sodinokibi’s profile from our Threat Context module Known Aliases Sodin REvil Gold...

A critical vulnerability was discovered in current versions of OpenSSL affecting almost every organization. A fix is now out since 1 November. Learn more about the vulnerabilities and what to do if you have been impacted. What you need to know OpenSSL is a software library widely used by companies...

Meet Guacamaya – a hacktivist group advocating for the indigenous people of Central America Threat actor profile: Guacamaya Image 1: Screenshot of Guacamaya’s profile from the Threat Context module Known Aliases alina weichafe Guacamaya Key points Guacamaya is a hacktivist group acting in defense of the abuse performed on the territory...