Security Boulevard

MAY 5, 2021

Social media, including LinkedIn, have become the new preferred method of attack for these criminals. This year, Google’s Threat Analysis Group (TAG) discovered a largescale cyberattack that originated out of North Korea. The cyberattack utilized fake blogs, fake email accounts, and even […].

Media 109

Media Hacking Accountability Social Engineering 109

SecureWorld News

OCTOBER 19, 2021

One notorious hacking group from Iran uses particularly dirty schemes to fleece users, according to Google's Threat Analysis Group (TAG). According to Google’s TAG blog, APT35 have been active since at least 2017, including attacks on the 2020 U.S. Read Google's official TAG blog to learn more about the technical details.

Phishing 70

Phishing Social Engineering Authentication Government 70

Security Boulevard

APRIL 26, 2022

Some details about this campaign were published in this Korean blog, however they did not perform the threat attribution. In this blog, we will share the technical details of the attack chains, and will explain how we correlated this threat actor to Lazarus. This is done for the purpose of social engineering.

Phishing 52

Phishing DNS Cryptocurrency Accountability 52

Security Boulevard

SEPTEMBER 1, 2021

<a href='/blog?tag=Cybersecurity'>Cybersecurity</a> tag=Cybersecurity'>Cybersecurity</a> <a href='/blog?tag=Ransomware'>Ransomware</a> tag=Ransomware'>Ransomware</a> <a href='/blog?tag=Cyber-attacks'>Cyber-attacks</a> Additional Resources.

Digital transformation 145

Digital transformation Cybersecurity Cyber threats IoT 145

NopSec

JULY 18, 2017

With that in mind, in this blog post we’re covering 13 out of the 20 controls. We chose them because these particular controls map out directly to what our vulnerability management and risk measurement platform, Unified VRM powered by E3 Engine , covers. The CIS 20 controls are also known to be relatively difficult to implement fully.

Wireless 40

Wireless Penetration Testing Software Authentication 40

Malwarebytes

FEBRUARY 5, 2021

The watering hole strategy is a mix of social engineering, hacking, and drive-by infections that requires a high level of knowledge and a well-thought-out strategy. To connect and gain trust among security researchers, the actors created a research blog and multiple Twitter profiles to interact with potential targets.

Social Engineering 127

Social Engineering Engineering Software Hacking 127

Security Boulevard

FEBRUARY 17, 2022

But the SOP does not limit javascript code, and the HTML <script> tag is allowed to load Javascript code from any origin. This can allow spammers to use your server to send bulk emails to users or enable scammers to conduct social engineering campaigns via your email address. Take me back to the top. Template Injection.

Authentication 104

Authentication Encryption Engineering Firewall 104

SecureList

NOVEMBER 30, 2021

On January 25, the Google Threat Analysis Group (TAG) announced a state-sponsored threat actor had targeted security researchers. On March 31, Google TAG released an update on this activity showing another wave of fake social media profiles and a company the actor set up mid-March.

Malware 100

Malware Mobile Spyware Surveillance 100

SecureList

APRIL 27, 2021

In November and December 2020, two public blog posts were published about this campaign. On January 25, the Google Threat Analysis Group (TAG) announced that a North Korean-related threat actor had targeted security researchers. Final thoughts.

Malware 138

Malware Spyware Government Social Engineering 138

Kali Linux

MARCH 28, 2023

As we were scrapping it all and starting from scratch when starting with Kali, we moved to Git and used GPG to tag releases, at the same time, published all our build-scripts allowing anyone to build Kali on any platform. As these are for a limited time, as well as being handmade item, do expect the price tag to match it.

InfoSec 52

InfoSec Penetration Testing Architecture Software 52