‘GambleForce’ – A New Hacker Group Attacking APAC Organisations Using SQL Injection

New Hacker Group 'GambleForce' Tageting APAC Firms Using SQL Injection

In the intricate web of global cybersecurity, a new player has emerged from the shadows of the Asia-Pacific (APAC) region. The group, known as “GambleForce”, has compelled the world to take notice through a series of precise, calculated cyberattacks. In this blog post, we unravel the modus operandi of this clandestine group, explore the vulnerabilities […]

Top 5 IoT Security Vulnerabilities – A Growing Concern

Top IoT Security Vulnerabilities - A Growing Concern

The network of physical objects, cars, home appliances, and other things integrated with electronics, software, sensors, actuators, and network connectivity that allows these objects to connect and exchange data is known as the Internet of Things (IoT). IoT offers enormous advantages and potential, but if not adequately secured, it also poses new security dangers. Top […]

Penetration Testing As A Service: Secure Your Customer Data

Penetration Testing As A Service

Are you concerned about the security of your company’s digital assets? Do you want to ensure that your network and systems are secure from cyber-attacks? Then you may have heard of the term “penetration testing.” But have you heard about Penetration Testing as a Service (PTaaS)? This innovative approach to security testing offers a wide […]

Privilege Escalation – Cyber Attacks Linked To Insider Threats

Privilege escalation - Attacks linked to insider threats

Privilege escalation vulnerabilities are one of the most serious risks faced by organizations, as they allow unauthorized access that can facilitate a wide range of damaging insider attacks. According to the findings analyzed in this report, privilege escalation exploits are involved in over half of insider threat incidents logged. With higher privileges, rogue insiders can […]

Web Application Penetration Testing

web application penetration testing

Definition Web Application Penetration Testing is identifying vulnerabilities in web applications and simulating real-world attacks to gain access to sensitive data to check the application’s security. In today’s world attackers are keeping an eye on gaining access to sensitive user data for their advantage, so it becomes crucial to get web application penetration testing done. […]

Major Cyber Attack Exposes Medical and Student Records in Israel – Malek Team

Major Cyber Attack Exposes Medical and Student Records in Israel - Malek Team

A hacker group linked to Iran has claimed responsibility for two significant data breaches involving Israeli organizations in recent months. Hundreds of Thousands of Patient Records Leaked In January, the Malek Team said it accessed 500GB of data from Ziv Medical Center in Safed dating back to 2022. This includes over 700,000 documents containing patients’ […]

The Darkgate Malware – Targeting Individuals and Businesses

Darkgate Malware

The DarkGate malware, also known as MehCrypter, is a pernicious threat with a wide range of capabilities. First publicly reported in 2018, DarkGate is a Windows-based malware designed to steal credentials and enable remote access to victim endpoints. It has been primarily distributed through email malspam campaigns. Still, a new attack vector surfaced in late […]

What Is Vulnerability Assessment? A Comprehensive Guide

How To Conduct A Vulnerability Assessment

1. Introduction Vulnerability assessment plays a critical role in modern cybersecurity, allowing organizations to proactively identify and mitigate weaknesses in their systems and data. In today’s rapidly evolving digital landscape, vulnerability assessment is more vital than ever. They help prioritize vulnerabilities, allocate resources effectively, and safeguard sensitive information. This guide is intended for IT professionals, […]

Internal Penetration Testing Checklist For Your Business – 2024

Internal Penetration Testing Checklist For Your Business - 2024

I. What is internal penetration testing?  Internal penetration testing, also known as internal security testing, is a proactive cybersecurity practice that involves simulating real-world attacks on an organization’s internal network and systems. The main goal of this practice is to identify vulnerabilities and weaknesses in the organization’s infrastructure, applications, and user access controls. By conducting […]

Penetration Testing Cost: How to Consider?

Penetration Testin Cost: How to Consider

1. Introduction  As someone deeply immersed in the world of penetration testing, I understand the critical role it plays in modern cybersecurity. I’d like to share our insights on a topic often discussed but not always thoroughly understood: the cost of a penetration test. In this article, I’ll draw on Bluefire Redteam’s first-hand experiences to […]