State-Sponsored Hackers Breach F5 Inc., Remain Undetected for Months

According to NixCraft, a credible source in the cybersecurity community, a state-sponsored hacking group infiltrated F5 Inc. the global provider of application delivery and network security solutions in late 2023. The attackers reportedly remained undetected inside F5’s internal systems until August 2024, highlighting significant concerns over supply chain compromise, zero-day exploitation, and persistent threat operations …

Are Corporate Emails MORE secure than Personal Emails?

Key insights from our BEC (Business Email Compromise) Study using 50K emails counterchecked with HaveIbeenPwned.com.     Key Insights based on the chart above Business Emails are relatively safer Majority (20,924) are not compromised (Null) Still, 16,689 appear in external breaches and 5,856 in personal exposures. This suggests that while many business emails remain safe, …

Quantifying the cybersecurity risk from BEC (Business email compromise)

Understanding the source of Business email compromise is only the first step. The next challenge is quantifying the risk to an enterprise when employee email accounts appear in one, two, or even multiple breaches. A single exposure might reveal basic credentials, but repeated compromises across different platforms often provide attackers with a fuller picture—combining passwords, …

DarkCloud Stealer: Inside a Sophisticated Malware Campaign Using AutoIt

Introduction Unit 42 researchers have recently uncovered an advanced phishing campaign leveraging DarkCloud Stealer, an information-stealing malware active since 2022. This malware uses complex evasion techniques, including AutoIt scripting, to bypass security mechanisms and extract sensitive user data. Here’s a breakdown of how this stealthy malware operates and what you can do to protect your …