GuLoader is one of the most widely used loaders to distribute malware throughout 2020. Among the malware families distributed by GuLoader, we can find FormBook, AgentTesla and other commodity malware. A recent research performed by Check Point suggests that GuLoader code is almost identical to a loader named as CloudEye...

Modern web applications are complex, it is often made up of many layers where potential flaws could appear making it hard to secure. That’s why it’s important to understand the key attack vectors hackers use to spot entry points and map your attack surface during reconnaissance and work back from...

As with any apparently game-changing technology, the benefits and drawbacks of artificial intelligence (AI) should be qualified by an accurate definition of what AI means. The term has become so ubiquitous in the materials than describe cyber vendors’ products  (for example), and so quickly, that the only logical conclusion is that the...

Misconfigurations are often seen as an easy target, as it can be easy to detect on misconfigured web servers, cloud and applications and then becomes exploitable, causing significant harm and leading to catastrophic data leakage issues for enterprises like the 2019 Teletext exposure of 530,000 data files which was caused...

Agent-based scanning helps organizations automate remote vulnerability assessment and enhance long term workforce security London, UK – June 1, 2020 – Outpost24, a global leader and innovator in identifying and managing cyber security exposure, today announced its Spring 2020 release which adds major new capabilities to help customers improve remote...

Adding context to information is essential for accurate decision making Internal vulnerability scanning is the foundation for vulnerability prioritization , collecting vulnerability data and categorizing it within a basic severity model. Adding external intelligence from a broad range of open, closed and private sources adds the necessary context for actions to...

Internet of Evil Things Survey reveals more than two-thirds are not regularly monitoring for security vulnerabilities on wireless devices London, UK – April 6th 2020 – Outpost24, an innovator in identifying and managing cyber security exposure, has today announced the results of the Internet of Evil Things survey conducted at...

Hackers are using the Reaver WPS tool to exploit the WiFi Protected Setup (WPS) feature found on many WiFi routers and access points. This method involves remotely brute-forcing the WPS handshaking process to potentially crack a WPA network. Most networks will now be running the much more robust WiFi Protected...

​  On the 3rd of January 2020, the Iranian Major General Qasem Soleimani was killed in a US drone strike ordered by President Donald Trump at Baghdad International Airport. Since then, popular demonstrations and military responses have been seen coming from Iran. It’s important to remember, however, that wars and military actions...

 Introduction ServHelper is a backdoor first spotted at the end of 2018 by Proofpoint and linked to TA505. This threat actor is known to have distributed Dridex and Locky in the past, in addition to FlawedAmmyy, FlawedGrace and Get2/SDBBot more recently, amongst others.   This blog post will offer some analysis on developments relating to ServHelper, including detail on relevant campaigns and those threat actors related to it. ServHelper was quiet...