From the report, “On November 26th, Slovakian Anonymous leader ‘Abaddon’ posted in the deep web message board ‘Hidden Answers’, looking to recruit accomplices for an operation targeting NATO and EU websites. (more available)

The goal of this white paper is to bring clarity to cyber threat intelligence. It explains the different categories of CTI and discusses some use cases to illustrate ways it can be applied and utilized to augment security teams’ efficiency and gain an edge over the attackers. (more available)

In mid-July, Palo Alto Networks Unit 42 identified a small targeted phishing campaign aimed at a government organization. While tracking the activities of this campaign, we identified a repository of additional malware, including a web server that was used to host the payloads used for both this attack as well as others. (more available)

Microsoft has come across an evolution of PLATINUM’s file-transfer tool, one that uses the Intel® Active Management Technology (AMT) Serial-over-LAN (SOL) channel for communication. (more available)

FireEye recently detected a malicious Microsoft Office RTF document that leveraged CVE-2017-8759, a SOAP WSDL parser code injection vulnerability. This vulnerability allows a malicious actor to inject arbitrary code during the parsing of SOAP WSDL definition contents. (more available)

Herein we release our analysis of a previously undocumented backdoor that has been targeted against embassies and consulates around the world leads us to attribute it, with high confidence, to the Turla group. (more available)

“The Turla espionage group has been targeting various institutions for many years. Recently, we found several new versions of Carbon, a second stage backdoor in the Turla group arsenal. (more available)

“For a long time now, SOSS has provided a reliable yardstick for the most common vulnerabilities found in software, as well as how organizations are measuring up to security industry benchmarks throughout the software development lifecycle (SDLC). (more available)

The upgraded version of the Dridex Trojan was at one time one of the most successful bank Trojans originally discovered in 2014 and has since re-emerged. (more available)

This report is focussed on providing insights based on events in 2017.

This technical white paper describes a new approach to identifying your most critical web application vulnerabilities faster and at lower cost. (more available)

Contributors to this paper include security professionals, including the Security Intelligence Response Team (SIRT), the Threat Research Unit, Information Security, and the Custom Analytics group. (more available)

This report helps detail the importance of monitoring suspicious domain registrations to protect a brand from being destroyed by cyber criminals. (more available)

This article is fourth in a five-part series developed by Dr. Edward Amoroso in conjunction with the mobile security team from Blue Cedar. (more available)

This report provides helpful information on XSS.

From The Report, “This article is third in a five-part series developed by Dr. Edward Amoroso in conjunction with the mobile security team from Blue Cedar. (more available)

This is a threat advisory for Ticketac Mobile Apps

This is the 12th annual WhiteHat Security Statistics Report. This year they’ve added some real metrics around DevSecOps. They’ve also added a new SAST section and a mobile security section. (more available)

The Stuxnet and Ukranian power grid attacks give us clear ideas about how much damage a determined adversary can inflict not only on the business or operation concerned, but also on the general public. (more available)

This report takes a look at the harmful practice of web scraping.

Get detailed cloud security insights about DDoS and web application attack trends observed across the Akamai Intelligent Platform™ for Q1 2016. (more available)