Below The Surface - Halloween Edition 2022

November Firmware Threat Report

| | threat report
Whether it’s the Executive Office, the average consumer, or the threat actors, all eyes are on the security of the technology supply chain ...
Vulnerable Antivirus Driver Used by Ransomware - We Reverse Engineer How!!?

September Firmware Threat Report

| | threat report
The world is on the precipice of significant economic and societal change. This winter in Europe may end up seeing the worst energy crisis in 50 years, an all encompassing crisis that ...
Top Phishing and Social Media Threats: Key Findings from the Quarterly Threat Trends & Intelligence Report

Top Phishing and Social Media Threats: Key Findings from the Quarterly Threat Trends & Intelligence Report

In today’s online landscape, it is crucial for organizations to stay on top of the threats that put their enterprises at risk. Agari and PhishLabs have put together their Quarterly Threat Trends ...
Not-So-Secure Boot - Jesse Michael, Mickey Shkatov - PSW #751

August Firmware Threat Report

| | threat report
In the cybersecurity industry, we hear about “the root of trust”(RoT) quite a bit. It’s the most important thing after all, right? Yet, very seldom do SecOPs, risk management, or board level ...
Below the Surface: July 2022

July Firmware Threat Report

| | threat report
On the heels of RSA comes this month’s Below the Surface Threat Report. Our theme this month is, simply, “Time”. In the context of cyber warfare, cyber criminal attacks, and long-running espionage ...
From an Internet-facing VPN RCE to Root on an Internal Host in Less than 1 Minute

May Firmware Threat Report

| | threat report
On the heels of RSA comes this month’s Below the Surface Threat Report. Our theme this month is, simply, “Time”. In the context of cyber warfare, cyber criminal attacks, and long-running espionage ...
April Firmware Threat Report

April Firmware Threat Report

| | threat report
Let’s just call this what it is. The US (and NATO allies) are in a cyber war with Russia, fighting tooth and nail against both nation-state affiliated actors and criminal actors alike ...
March Firmware Threat Report

March Firmware Threat Report

| | threat report
While the media and industry is telling you that the hybrid/cyber conflict surrounding the invasion of Ukraine has been underwhelming, nothing could be further from the truth ...
You Suck at Cybersecurity

January Firmware Threat Report

| | threat report
2022 managed to kick off with a bang. Under pressure from the United States, the Russian FSB detained 14 people tied to the REvil ransomware operation, seizing $600,000 of computer equipment and ...
Don’t Let Cyber Criminals Steal Your Connections: Securing Internet-Accessible Systems

December Firmware Threat Report

| | threat report
What a December! Let’s see if we can write a threat report without mentioning log4j. Possible? Let’s find out! While everyone else is writing about it and you are completely overwhelmed, over-vendored, ...