Veriti Research

VERITI

We asked an AI agent to analyze the latest shift in U.S. cybersecurity policy, comparing past strategies under Biden to the new 2025 Trump Executive Order. The result? A surprisingly structured analysis that maps out the core philosophical and operational differences, from federal-led resilience to localized risk ownership.  But this ... Read More

Veriti Research has identified a significant rise in tax-related malware samples across multiple platforms. The research team discovered malware samples targeting Android, Linux, and Windows, all connected to the same adversary operating from a single IP address.  We believe the attacker is running multiple parallel campaigns and using “Malware-as-a-Service” tools ... Read More

Veriti research recently analyzed stolen data that was published in a telegram group named “Daisy Cloud” (potentially associated with the RedLine Stealer), exposing the inner workings of a cybercrime marketplace. This group offers thousands of stolen credentials in an ongoing basis across a wide range of services, from crypto exchanges ... Read More

In 2023, a massive data breach at 23andMe shook the foundation of the consumer genomics industry. Fast forward to today, the company has filed for bankruptcy. From Veriti’s perspective, this incident highlights the devastating consequences of failing to secure deeply sensitive personal data, especially when that data reaches beyond individuals ... Read More

As the new Snow White movie arrives in theaters with lackluster audience attendance (source), the absence of streaming options on platforms like Disney+ has nudged many users to seek pirated versions online.  From our perspective, this kind of consumer behavior isn’t new, every high-profile movie release without a digital option ... Read More

The Veriti research team has analyzed the latest cloud vulnerabilities, revealing critical security risks, attack patterns, and real world exploitation cases.  Our findings highlight the top vulnerability categories, the most exploited CVEs, and the actors leveraging these weaknesses. In this report, we delve into key cloud security threats and provide ... Read More

Attackers are actively targeting OpenAI, exploiting CVE-2024-27564, a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. Veriti’s latest research reveals that this vulnerability, despite being classified as medium severity, has already been weaponized in real world attacks.  Our research uncovers:  This research highlights a crucial takeaway: No vulnerability is ... Read More

Veriti Research has identified a growing trend – attackers leveraging cloud infrastructure to facilitate malware distribution and command-and-control (C2) operations. This evolving tactic not only makes detection more challenging but also exposes organizations to significant security risks.  Malware Hosted on Cloud Services  One of the most alarming findings from our ... Read More

  The leaked internal chat communications of the Black Basta ransomware group offer an unprecedented view into how cybercriminals operate, plan attacks, and evade detection.  The Veriti Research team analyzed these chat logs, revealing our favorite exploits, security measures they bypass, and the defenses they fear most.  Veriti Research analyzed these ... Read More

Veriti’s latest research identifies key false positive triggers in cloud environments, their underlying causes, and their impact on businesses. By understanding these issues, security teams can refine their defenses and reduce unnecessary alerts without compromising protection. Two Main Causes of False Positives in Cybersecurity Protections Brute Force and Protocol-Based False ... Read More