Blog
UK Royal Family Website Taken Down by DDoS Attack
According to reports, the official website of the UK’s royal family was taken offline by a DDoS attack on Sunday. The Royal.uk site was unavailable for around 90 minutes, starting at 10 am local time, according to The Independent.
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for...
Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses
A financially motivated campaign has been targeting online payment businesses in the Asia Pacific, North America, and Latin America with web skimmers for more than a year. The BlackBerry Research and Intelligence Team is tracking the activity under the name Silent...
APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries
Introduction In today's interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange between various software applications and systems. APIs act as bridges, facilitating the...
Update: Recently Patched TeamCity Vulnerability Exploited to Hack Servers
In-the-wild exploitation of a critical vulnerability in JetBrains’ TeamCity continuous integration and continuous deployment (CI/CD) server started just days after the availability of a patch was announced.
Financial Crime Compliance Costs Exceed $206 Billion
AI and advanced analytics are being employed by 72% of financial crime professionals to enhance compliance procedures, but challenges such as data quality and legacy systems persist, according to LexisNexis Risk Solutions.
Russian Company Offers $20m For Non-NATO Mobile Exploits
The Russian firm Operation Zero unveiled this increased payout on X (formerly Twitter) last week, aiming to attract top-tier researchers and developer teams to collaborate with their platform.
OpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious Code
A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result in arbitrary code execution on affected systems. Tracked as CVE-2023-37476 (CVSS score: 7.8), the vulnerability is a Zip Slip...
Norway Wants Europe-Wide Ban on Facebook Behavioral Ads
Norway is urging the European Data Protection Board (EDPB) to ban Meta (formerly Facebook) from harvesting user data for advertising purposes permanently and extend the ban across Europe.
OpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious Code
Tracked as CVE-2023-37476 (CVSS score: 7.8), the vulnerability is a Zip Slip vulnerability that could have adverse impacts when importing a specially crafted project in versions 3.7.3 and below.
FREE GUIDE