Blogs

The Next Evolution in Cybersecurity
“Those who cannot remember the past are condemned to repeat it.”

Volt Typhoon: Hiding in Plain Sight
What is Volt Typhoon?
Volt Typhoon, a Chinese state-sponsored threat actor, is utilizing stealth techniques to conduct cyber espionage operations against government and other critical infrastructure organizations. In recent attacks, Volt Typhoon has leveraged application or server-side exploitation to gain initial access to a victim’s network.

Why Threat Detection Shouldn’t Be Your Next DIY Project
We’ve all had that big home improvement project that didn’t turn out the way we planned and left us with more of a mess than we started with. Or if you’re more of the culinary type, maybe that three-layered cake with delicate icing flowers turned out less than ideal. While attempting to tackle these lofty projects, one thing is usually clear: “Experts exist for a reason.”

Encoding: A Brief History and its Role in Cybersecurity
When it comes to using the Internet, chances are you've encountered different types of character encoding. These include standards like ASCII, ANSI, Latin-1, ISO 8859-1, Unicode, UTF-7, UTF-8, UCS-2, and URL-encoding. With so many options, it can be hard to keep track of the differences between each standard and know when to use one over the other. That's where this blog comes in. Here, we'll delve into the intricacies of character encoding, provide a better understanding of each of these standards, and explain how encoding is used in the field of cybersecurity.

Threat Research: Ransomware Attacks on Software Supply Chains & Effective Mitigation
The recent wave of ransomware attacks targeting software supply chains, such as the exploits on MOVEit, GoAnywhere, and 3CX Desktop Client, highlights the escalating threat landscape and the need for robust security measures. This strategic intelligence article examines the trends observed in these attacks and the broader implications for organizations using similar software. It provides an assessment of the risks and offers strategic recommendations for mitigating these threats, including considerations for vendor relationships.

Critical Start Releases First Half 2023 Cyber Threat Intelligence Report
As threat actors and their TTPs (tactics, techniques, and procedures) continue to evolve, the importance of effective cyber threat intelligence (CTI) cannot be overstated.

Outsmarting Cyber Threats: The Roadrunner Approach to Cybersecurity with Managed XDR
You Deserve a Sound Cybersecurity Strategy
The Roadrunner is like the Managed Extended Detection and Response (Managed XDR) of the cartoon world, staying agile and resilient against the constant threats of Wile E. Coyote, just as Managed XDR helps businesses stay ahead of cyber threats.

Threat Research: RustBucket Malware Takes Aim at macOS
Summary
A recently observed malware family dubbed “RustBucket” has been targeting macOS since early 2023. RustBucket is a multi-stage malware that focuses on secondary payload delivery. Cybersecurity analysts at Jamf Threat Labs have attributed the malware to BlueNoroff, a financially motivated division of North Korea-based advanced persistent threat (APT) Lazarus Group.

The Importance of Understanding and Adopting a Cybersecurity Framework
You have your cybersecurity strategy and goals ready to go, including tools and technology to help augment your team. But you may not have a clear path and guidelines to help you reach cyber maturity, or enhance your cybersecurity posture, with a cybersecurity framework in place. Maybe you’re unfamiliar with cybersecurity frameworks, or you’re overwhelmed by the number of options out there. Whether you’ve been in the cybersecurity game for a while or are looking to get back to basics with your team, we’ll talk you through it.

Misconfigured Kubernetes Targeted by Extensive Crypto-Mining Campaign
Summary
A large-scale cryptocurrency mining campaign called RBAC Buster has been discovered actively targeting at least 60 Kubernetes clusters in the wild. The campaign exploits Kubernetes Role-Based Access Control (RBAC) to create backdoors and run miners.

LOBSHOT: The Latest Malware Delivered via Google Ads
What is LOBSHOT?
A new malware was recently observed being distributed by malicious Google ads, highlighting the continued use of malicious ads as initial access to a host. Dubbed LOBSHOT, this new malware acts as both an information stealer and remote access trojan and employs numerous techniques to evade detection.