Next-Level Vulnerability Management Needs Attack Surface Intelligence

As cyber threats become increasingly advanced, many vulnerability and risk management programs can't keep up. They often rely on outdated, static lists of your assets that fail to include newly spun-up public-facing and out-of-policy assets, leaving these missed and unprotected. Every one of these exposed assets puts your organization at risk. Adding...

23m

Chinese State-Sponsored Group TA413 Adopts New Capabilities in Pursuit of Tibetan Targets

Editors Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.This report details multiple campaigns conducted by the likely Chinese state-sponsored threat activity group TA413. The activity was identified through a combination of large-scale automated network traffic analytics...

5d

Chinese State-Sponsored Group TA413 Adopts New Capabilities in Pursuit of Tibetan Targets Report

Agile and adaptable, Chinese state-sponsored TA413 persistently targeted Tibetan communities and European diplomats with recent 0-days and vulnerabilities.

5d

Threat Actors Continue to Abuse Google Tag Manager for Payment Card e-Skimming

Editors Note: Click here to download the report as a PDF.This report from the Recorded Future Payment Fraud Intelligence module builds on our earlier reporting on Google Tag Manager (GTM) abuse and provides an updated overview of how threat actors abuse GTM containers to conduct Magecart e-skimmer attacks. The intended audience is law enforcement and...

6d

Threat Actors Continue to Abuse Google Tag Manager for Payment Card e-Skimming Report

Server access not required. Insikt Group® reports how adversaries inject e-skimmers – and other malicious scripts – through legit Google Tag Manager containers.

6d

Russia-Nexus UAC-0113 Emulating Telecommunication Providers in Ukraine Report

Behind telecom-sounding domains, Russian UAC-0113 deploys persistent malware to Ukrainian victims. Insikt Group® details the new infrastructure, TTPs, and more.

2w

Recorded Future and Okta: Reducing Risk From Identity Compromise

Multi-factor authentication (MFA) solutions make accessing business-critical infrastructure and customer-facing applications more secure, but they are limited in ensuring identities havent been compromised. With user credentials and session cookies readily available on the dark web, its easy for cybercriminals to get their hands on the kind of corporate...

2w

Preventing Payment Fraud: Why We Need a Proactive Approach to Turn the Tables

Final installment in a 3-part interview series with former Gemini Advisory CEO and current Recorded Future VP of Fraud Solutions, Andrei BarysevichOn March 16th, 2021, revolutionary fraud analytics provider Gemini Advisory was acquired by Recorded Future, and recently rebranded as Recorded Future Payment Fraud Intelligence. I sat down with Andrei Barysevich,...

2w

Verizon DBIR Shines a Light on Identity Compromises

Verizon recently released its 15th annual Data Breach Investigations Report (DBIR). 2022 has already been a major year for cyber attacks, and the headlines have reflected that, with well-publicized attacks on cloud systems and the supply chain making news around the world. Threat actors continue to expand their attack surface, their ability to breach...

2w

Threat Intelligence Feeds: Data Automation Solution

Key TakeawaysThreat intelligence feeds are constantly updating streams of indicators or artifacts derived from a source outside the organization.By comparing threat feeds with internal telemetry, you can automate the production of highly valuable operational intelligence.Selecting the right feeds isnt enough. Curating intelligence automatically enhances...

2w