cyber-attacks

Abusing Microsoft Office Online Video

  **Updated Note: As of November 12th, 2018, Trend Micro has discovered an in-the-wild sample of this logical bug seen in the TROJ_EXPLOIT.AOOCAI, using it  to deliver the URSNIF information stealer (TSPY_URSNIF.OIBEAO).** Cymulate’s research team has discovered a way to abuse the Online Video[...]

Cybercrooks are Laughing All the Way from the Bank

  Financial services firms are favorite targets for cyber criminals. The firms are a treasure trove of tradeable data varying from credit card credentials, customer information, and corporate data that can be abused or sold on the dark net. Compared to other industries, the financial sector still[...]

Cybercriminals are Industrious When Hacking Industries

  In recent years, cyber-attacks on industrial control systems and critical infrastructure all together have been on the rise. A recent study by Bitkom shows that cyber-attacks cost the German industry almost $50 billion. Those attacks are not limited to Europe’s strong economy. Hackers are known[...]

Cybercriminals Have an Unhealthy Appetite for Medical Data

  Cybercriminals just love targeting healthcare organizations and have been doing it quite often for many years. As can be seen on the table below, during the past couple of months cybercriminals have been working hard on these types of targets. where they hit with ransomware attacks or breach to[...]

Academia Up for Grabs

Academia is Still a Preferred Target for Cyberattacks. In our blog post of June 6 last year, we wrote that although the attacks in the academic sector had received much less media attention than those in other sectors, academic institutions have been favorite targets of cybercriminals for over 3[...]

Cyberattack and the City

Smart cities have become a lucrative target for cyber attackers due to the increasing number of connected systems embedded throughout the smart city’s infrastructure. The numbers talk volumes - global investment in smart cities will reach $80bn in 2018, and is expected to reach $135bn by 2021[...]

OilRig Keeps On Cyber Drilling

  Iranian-based hacker group OilRig keeps cyber drilling, posing a persistent threat! In a previous post, we mentioned Advanced Persistent Threat attacks (APTs) that are waging ongoing sophisticated hacking attempts targeted e.g., certain countries or institutions. These kinds of attack are[...]

Are You Ready for the Next Cyber-Attack?

Cyber-crooks are masters of crime constantly developing, testing and fine-tuning their techniques to mine valuable and sensitive information for their own profit. As such, cyber-attacks come in a wide range of shapes and forms. To illustrate, cyber-criminals use: Advanced Persistent Threat[...]

Immediate Threat: Remote Code Execution abusing SettingContent-ms can deliver malicious code

To keep on giving our customers the tools to boost their cybersecurity posture, our Cymulate Labs are constantly searching for new global attacks that can compromise organizations. By adding the latest in-the-wild detected threats, we keep our BAS platform up to date. That’s why one of the unique[...]

Demystifying MITRE’s ATT&CK™ to supercharge cyber defenses - Part III

In our first blogpost about MITRE’s ATT&CK™ framework, we explained what it exactly is and how it contributes to cybersecurity. In our second blogpost, we dove deeper into the various features. In this blogpost, the third and final one in this series, we will discuss the future of MITRE’s[...]