Author: Tom Kitching

In recent months, cybersecurity researchers have uncovered a sophisticated tool known as Evilginx2, which poses a significant threat to individuals, businesses, and organizations worldwide. Evilginx2 represents an evolution of traditional phishing techniques, leveraging advanced tactics and capabilities to deceive victims and circumvent security measures effectively. Evilginx2 is a powerful tool designed to automate the process…

As the world continues to grapple with the ongoing COVID-19 pandemic, cybercriminals have seized upon the uncertainty and fear surrounding the crisis to launch a wave of phishing attacks targeting individuals, businesses, and organizations worldwide. COVID-19-related phishing scams exploit the heightened concerns and anxieties of individuals, offering false promises of vaccines, treatments, financial relief, or…

In recent months, there has been a noticeable uptick in cryptojacking attacks targeting individuals, businesses, and organizations worldwide. Cryptojacking, also known as malicious cryptocurrency mining, involves the unauthorized use of computing resources to mine cryptocurrencies without the owner’s consent. Cryptojacking attacks typically involve the deployment of malware or malicious scripts that hijack the processing power…

The SolarWinds supply chain attack, discovered in late 2020, continues to reverberate across the cybersecurity landscape, serving as a stark reminder of the evolving threat landscape and the challenges posed by sophisticated cyber adversaries. Initially disclosed in December 2020, the SolarWinds supply chain attack targeted SolarWinds’ Orion platform, a widely used IT management software suite.…

In recent months, the cybersecurity landscape has witnessed a resurgence in ransomware attacks, with threat groups such as Conti and BlackCat orchestrating sophisticated campaigns targeting organizations worldwide. These attacks have underscored the evolving tactics and escalating threats posed by ransomware actors, posing significant challenges for cybersecurity professionals and organizations alike. The Conti ransomware group, known…

In December 2022, cybersecurity experts uncovered a critical vulnerability in Apache Log4j, a widely used Java-based logging library. Dubbed Log4Shell or Log4j vulnerability (CVE-2021-44228), this flaw allowed remote code execution, potentially enabling threat actors to compromise affected systems. The Log4j vulnerability sent shockwaves across the cybersecurity landscape, as it affected numerous organizations worldwide, spanning various…