Ransomware attacks are growing at an alarming rate thanks in a large part to Ransomware-as-a-Service (RaaS) operations. RaaS is a business model where cybercriminals develop ransomware and lease it out to other criminals, known as affiliates, in exchange for a percentage of the ransom payments. Essentially, it's a subscription-based service...

Ransomware is the biggest cyber threat to businesses. First burst onto the scene in 1989, it has evolved significantly over the past few years from widespread attacks to highly targeted Ransomware-as-a-Service (RaaS) operations affecting organizations of all sizes and sectors. This article takes a look at the evolution of the...

Jester stealer is an information stealer that has been around since mid-July 2021. Originally sold by the Russian speaking threat group "Jester_Stealer", in several underground forums and Telegram channels, they operate under a Malware-as-a-Service (MaaS) model and present themselves as a group of programmers. Here we delved into the Jester...

This blog describes the attack path we have uncovered during a recent penetration test of a web application, coupled with a back-end infrastructure assessment. Throughout we introduce different attack techniques and tools that can be used to attack the underlying infrastructure and APIs of a web application. Utilizing what was...

In our latest credit card fraud investigation blog our threat intelligence analysts investigate the current card shop ecosystem, from active shops and the return of Rescator as well as other recently shuttered card shops and credit card fraud to look out for. In February 2021, shortly after the closure of...

Ransomware continues to be a prevalent threat to almost every modern industry after a sudden renaissance at the beginning of the COVID-19 pandemic as threat actors sought to capitalize on overwhelmed organizations and their suddenly vulnerable employees. It poses a particular danger to companies that hold sensitive data and house...

Stolen user logins and passwords pertaining to the world’s largest companies are exposed and traded by cybercriminals on the open, deep and dark web London, May 10, 2022 - Outpost24, an innovator in identifying and managing cybersecurity exposure, today announced the results of its 2022 FTSE 100 Credential Theft Study...

​  Spring4Shell At the time of writing, this vulnerability has no CVE assigned and is known around the Internet as Spring4Shell, due to its similarities to the infamous Log4Shell vulnerability. This vulnerability relies on the fact that when processing the contents of a query in requests Spring Core allows access...

UK’s Linde and Johnson Matthey among companies running vulnerable web apps in Outpost24’s Attack surface benchmark for Chemical Manufacturers report Tuesday, March 29, 2022 - Outpost24, an innovator in identifying and managing cybersecurity exposure, today announced the results of its 2022 Web Application Security for Manufacturers report for the top...

Introduction Since Russia launched a large-scale military invasion of Ukraine on February 24, 2022, many threat actors surged to carry out a wide range of cyberattacks against both sides. Some well-known threat groups have also shifted their attacks or increased their intensity to focus their efforts against Russia or Ukraine....