Conscia Blog | Benefit from our Network of Knowledge

Blog

Critical vulnerability in Palo Alto Gateway

12. April 2024

NOTE, important update 17/4-24: Temporarily disabling device telemetry has unfortunately proven insufficient. Updated information (17/4 2024): This vulnerability in GlobalProtect, initially believed to be mitigated by disabling Device Telemetry...

Blog

Exploring the Dark Side of Generative AI: The Rise of Cyber Threats in the Digital Age

13. March 2024

When we think about predicting cyber threats that will reign in the coming year, we often lean back...

Blog

OpenAI Sora – Threat or Opportunity?

4. March 2024

OpenAI's Sora: Is it a threat or an opportunity? We look at its groundbreaking text-to-video capabilities and how...

Blog

Cisco Security 2023 – The Year in Review

15. February 2024

I hope you have landed well in the new year without any major technical fires that needed extinguishing...

Blog

Urgent update Palo Alto Networks NGFW

13. February 2024

Palo Alto Networks certificate expiration – act as soon as possible: Palo Alto Networks are currently facing an...

Blog

Interview: Artificial intelligence in cybersecurity: who will make better use of it?

11. January 2024

AI helps both hackers and those who fight them – but in addition to sophisticated security solutions, it...

Blog

The Stealthy Cyber Threat: Abuse of GitHub for Malicious Purposes

9. January 2024

GitHub, a key coding platform, faces rising cyber threats. This blog post explores its exploitation and outlines effective...

Blog

Understanding the Risks of Unprompted One-Time Passcodes in Cybersecurity

19. December 2023

In cybersecurity, an unexpected one-time passcode (OTP) signals a security threat - possible credential theft. Learn more about...

Blog

Deep Dive into the May 2023 Cyber Attack on Danish Energy Infrastructure

15. November 2023

Danish energy infrastructure endured a sophisticated cyber attack, signifying a major escalation. This post analyzes the unprecedented assault,...

Blog

What can we learn from recent Okta breaches?

8. November 2023

Okta, a major identity and access management player, faced two major security breaches. Examining these incidents provides crucial...

Blog

New Critical Vulnerability in Cisco IOS XE Software Poses Cybersecurity Concerns

17. October 2023

Edit note, October 24: Added a section regarding updates to include additional Indicators of Compromise (IOCs) and methods...

Blog

Enumeration Attacks: A Deep Dive into Threat Actors Generating Valid Payment Data

11. October 2023

Enumeration attacks, especially banking identification number (BIN) generation attacks, enable threat actors to produce and validate payment card...

Blog

Adversary-In-The-Middle Attack: A novel way to evade MFA

3. October 2023

In the vast realm of cyber threats, a relatively newer but impactful method has emerged: Adversary In the...

Blog

How Cybercriminals Exploit Legitimate Internet Services for Malicious Purposes

27. September 2023

Cybercriminals increasingly manipulate reputable platforms such as Google Drive, OneDrive, Notion, and GitHub to camouflage their malicious activities...

Blog

Defending Against Infostealer Malware Attacks: A Comprehensive Guide for Organizations

19. September 2023

In today’s digital age, information is power. As organizations increasingly rely on digital data, the allure for cybercriminals...

Blog

Cloud Storage Risk Assessment: Our privacy rests… at risk?

13. September 2023

Cloud storage and hosting have become a common way of storing your and your organization’s sensitive data in...

Blog

Understanding Vulnerability Lifecycle to Better Combat Exploits

6. September 2023

If you care about cybersecurity, you surely have heard the term ‘software vulnerability.’ But it can quickly happen...

Blog

CL0P Group – Analysis of European’s rising ransomware threat

6. September 2023

If you were following trends in the cyber threat landscape for the past few months, or actually the...

Blog

Danish cloud-hosting provider hit by devastating ransomware attack.

30. August 2023

Danish cloud-hosting company were hit by ransomware attacks, resulting in significant customer data loss and system shutdowns.

Blog

A look into Living off the Land adversarial technique

30. August 2023

Recently, you may have noticed several cybersecurity news sites citing Microsoft’s article on Flax Typhoon’s (threat actors) stealthiness while performing...

Blog

Can Prisma Cloud provide API security for your cloud?

15. March 2023

Spoiler alert: it probably can (your mileage may vary), but your cloud architecture determines whether it is the...

Blog

How could AI simplify malware attacks, and why is this worrying?

24. February 2023

AI can significantly reduce Malware development and distribution costs, giving cybercriminals an advantage over insufficiently secured targets. Read...

Blog

Diligent Management and Cybersecurity

20. February 2023

In business, cyber-attacks have become a part of reality and are no longer something that happens “out there”....

Blog

The future of AI and Quantum

14. January 2023

Artificial intelligence and quantum computing are two rapidly advancing technologies that have the potential to revolutionize a...

Blog

Three lessons for better cybersecurity in 2023

2. January 2023

From the point of view of Conscia’s Security Operations Center (SOC), the year 2022 confirmed the fact that...

Blog

Digital Forensics: Discovering Threat Actor’s traces using Recycle Bin

6. December 2022

Criminals don’t like to leave traces. In the cyber world, that means deleting their malicious software from your...

Blog

Season’s Greetings from Cybercriminals

25. November 2022

Cybercrime is on the rise during the holiday season. Cybercriminals take advantage of Black Friday, Cyber Monday, and...

Blog

Phishing as a Service (PHaaS) – an effective attack vector for all threat actors

17. November 2022

Phishing has professionalized. It is literally available to criminals in a »as a service« model, and the most...

Blog

New 0-day vulnerabilities in Microsoft Exchange Server actively exploited

30. September 2022

Two reported 0-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019 (on-prem) tracked as CVE-2022-41040 and CVE-2022-41082...

Blog

Insider Threats: What are they and how to mitigate them

20. September 2022

While often neglected, an organization’s own personnel pose one of the biggest threats to its security. Human error...

Blog

Diving Deep: How to detect Malware Persistency pt. 1

3. August 2022

During a cyber-attack adversaries might gain access to an environment through a certain system, but that might not...

Blog

Diving Deep: How to detect Typosquatting

21. June 2022

Typosquatting is a type of social engineering attack where a threat actor registers domains with deliberately misspelled names...

Blog

Vulnerability Spotlight: How to detect Follina the Windows MSDT 0-day

1. June 2022

Microsoft confirmed a security vulnerability tracked as CVE-2022-30190 and released it on their MSRC portal on May 30th,...

Blog

Diving Deep: Malware Injection Techniques – Part 1

31. May 2022

Malware Injection Techniques This is the first entry in the Malware Injection Techniques article series that we will...

Blog

Ransomware-as-a-Service: An infamously lucrative business model

18. May 2022

Ransomware as a type of malware is not a 21st century invention. We can trace it back to...

Blog

Conti Ransomware Gang falls apart

1. May 2022

Conti ransomware gang was infamously known as one of the most sophisticated adopters of ransomware-as-a-service (RaaS) model, earning...

Blog

Increased threat against industries leveraging ICS and SCADA devices

14. April 2022

US agencies (CISA, NSA, FBI) and Department of Energy issued a new Cybersecurity Advisory (CSA) warning on 13.04.2022...

Get the latest insights in our blog, written by our own experts.

Critical vulnerability in Palo Alto Gateway

Exploring the Dark Side of Generative AI: The Rise of Cyber Threats in the Digital Age

OpenAI Sora – Threat or Opportunity?

Cisco Security 2023 – The Year in Review

Urgent update Palo Alto Networks NGFW

Interview: Artificial intelligence in cybersecurity: who will make better use of it?

The Stealthy Cyber Threat: Abuse of GitHub for Malicious Purposes

Understanding the Risks of Unprompted One-Time Passcodes in Cybersecurity

Deep Dive into the May 2023 Cyber Attack on Danish Energy Infrastructure

What can we learn from recent Okta breaches?

New Critical Vulnerability in Cisco IOS XE Software Poses Cybersecurity Concerns

Enumeration Attacks: A Deep Dive into Threat Actors Generating Valid Payment Data

Adversary-In-The-Middle Attack: A novel way to evade MFA

How Cybercriminals Exploit Legitimate Internet Services for Malicious Purposes

Defending Against Infostealer Malware Attacks: A Comprehensive Guide for Organizations

Cloud Storage Risk Assessment: Our privacy rests… at risk?

Understanding Vulnerability Lifecycle to Better Combat Exploits

CL0P Group – Analysis of European’s rising ransomware threat

Danish cloud-hosting provider hit by devastating ransomware attack.

A look into Living off the Land adversarial technique

Can Prisma Cloud provide API security for your cloud?

How could AI simplify malware attacks, and why is this worrying?

Diligent Management and Cybersecurity

The future of AI and Quantum

Three lessons for better cybersecurity in 2023

Digital Forensics: Discovering Threat Actor’s traces using Recycle Bin

Season’s Greetings from Cybercriminals

Phishing as a Service (PHaaS) – an effective attack vector for all threat actors

New 0-day vulnerabilities in Microsoft Exchange Server actively exploited

Insider Threats: What are they and how to mitigate them

Diving Deep: How to detect Malware Persistency pt. 1

Diving Deep: How to detect Typosquatting

Vulnerability Spotlight: How to detect Follina the Windows MSDT 0-day

Diving Deep: Malware Injection Techniques – Part 1

Ransomware-as-a-Service: An infamously lucrative business model

Conti Ransomware Gang falls apart

Increased threat against industries leveraging ICS and SCADA devices

Do you have any questions?

Related content

AI’s Role in Advancing and Combating Cyber Threats

Unlocking Security: Cisco and Conscia present the future of SSE and SASE

Critical vulnerability in Palo Alto Gateway

Exploring the Dark Side of Generative AI: The Rise of Cyber Threats in the Digital Age

OpenAI Sora – Threat or Opportunity?

Recorded Webinar: How to secure your email in 2024

A Structured Approach to Cybersecurity Governance, utilizing Maturity Assessment

Cisco Security 2023 – The Year in Review

Contact