Research & Threat Intel

September 17, 2021

Azure OMI Vulnerability OMIGOD (CVE-2021-38647) Now Under Exploitation

Azure users running Linux virtual machines are at risk of compromise unless they upgrade now. A vulnerable piece of management...
September 14, 2021

TeamTNT Script Employed to Grab AWS Credentials

A TeamTNT script has been employed to target a Confluence vulnerability that grabs AWS credentials including those from ECS. ...
September 9, 2021

Quick Recap: Azurescape

As you may have seen today, Palo Alto published a brilliant technical report: Finding Azurescape – Cross-Account Container...
July 14, 2021

Triage analysis of Serv-U FTP user backdoor deployed by CVE-2021-35211

Last night, Microsoft published a blog titled Microsoft discovers threat actor targeting SolarWinds Serv-U software with...
July 8, 2021

Ransomware Incident Response and Forensics - Post Breach

Conducting a thorough forensics investigation post breach is critical to identifying the root cause and preventing future...
July 3, 2021

Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack

Yesterday Sophos and Huntress Labs identified that Kaseya, a remote management provider popular with MSPs, was compromised...
June 29, 2021

Ransomware Incident Response and Forensics - Before the Ransom

One thing you may not have realised about ransomware is that it’s not immediate. While the data encryption process...
April 6, 2021

Threat Group Uses Voice Changing Software in Espionage Attempt

Today we are releasing a report detailing the activities of a Middle Eastern cyber espionage group that performs surveillance...
February 10, 2021

Punk Kitty Ransom - Analysing HelloKitty Ransomware Attacks

Yesterday, the company behind the gaming blockbuster Cyberpunk 2077 announced that it had been hit by a ransomware attack...
January 18, 2021

Botnet Deploys Cloud and Container Attack Techniques

We recently identified a campaign that deploys cloud and container specific...