22 Sep 2022

Basing Vulnerability Management Solely on CVSS Scores is Risky Business

Cybersixgill’s end-to-end Dynamic Vulnerability Exploitation takes a contextual, more accurate approach to vulnerability management and prioritization. This year, back-to-school time coincides with increased cyberattacks against higher education institutions. A recent survey shows that more than 60 percent of colleges and universities experienced ransomware attacks in the past year, costing institutions millions.  One reason for the […]

Read More >
Basing Vulnerability Management Solely on CVSS Scores is Risky Business
Basing Vulnerability Management Solely on CVSS Scores is Risky Business

Basing Vulnerability Management Solely on CVSS Scores is Risky Business

Michael-Angelo Zummo | 22 Sep 2022
Cybersixgill’s end-to-end Dynamic Vulnerability Exploitation takes a contextual, more accurate approach to vulnerability management and prioritization. This year, back-to-school time coincides with increased cyberattacks against higher education institutions. A recent survey shows that more than 60 percent of colleges and universities experienced ransomware attacks in the past year, costing institutions millions.  One reason for the […]
Read More >
Breaking the Boycott

Breaking the Boycott

Dov Lerner | 15 Sep 2022
Russian dark web actors use underground markets to move money and purchase illicit goods, despite the Western embargo. When a banned product is in high demand, there is opportunity for a black market to thrive. Considering the extent of Western governmental and private sector sanctions against Russia in response to the invasion of Ukraine, we […]
Read More >
Hack To School

Hack To School

Adi Bleih | 14 Sep 2022
Compromised university credentials and endpoints on the dark web could cost students and schools millions. Introduction Possession of a student’s university account is desirable for threat actors. It enables them to impersonate the student and steal their identity. More advanced threat actors can use this as the first step to a more powerful attack, such […]
Read More >
The Dark Web Economy

The Dark Web Economy

Dov Lerner | 06 Sep 2022
While the western world struggles with rising grocery bills and gas prices, the economy of the dark web – the digital black market – is chugging along as usual. Inflation doesn’t seem to have hit the internet’s criminal underground – not yet, anyway. The war in Ukraine hasn’t registered much. Even the recent plummet in […]
Read More >
The underground illicit credit card market is collapsing

The underground illicit credit card market is collapsing

Adi Bleih | 06 Sep 2022
From 2019 through 2022, the supply of stolen credit cards fell by almost 90%. Demand seems to have dropped too. Here’s why. There is something magical about the simplicity of a credit card. With a single swipe, wave, or click, a number printed on a piece of plastic catalyzes commerce between the merchant and buyer. […]
Read More >
How to Supercharge CISA’s Known Exploited Vulnerabilities Library

How to Supercharge CISA’s Known Exploited Vulnerabilities Library

Omer Carmi | 24 Aug 2022
Earlier this year, the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security issued Binding Operational directive (BOD) 22-01 under the title “Reducing the Significant Risk of Known Exploited Vulnerabilities.” Per CISA, the rationale behind this BOD was to drive urgent and prioritized remediation of vulnerabilities actively exploited by adversaries. The directive […]
Read More >
Job Hunting on the Dark Web

Job Hunting on the Dark Web

Edan Cohen | 19 Aug 2022
The job search can be intimidating. Balancing mass resume submissions, networking, LinkedIn activities, connecting with recruiters, attending job fairs, and seeking internships (hopefully paid) and short-term contracts can be a painfully long process. So how can you convince your potential employer that you are suitable for the job? The evidence comes in many forms: job […]
Read More >
Vacation Scams on the Dark Net

Vacation Scams on the Dark Net

Adi Bleih | 18 Aug 2022
Introduction This summer, the sky is open without almost no flight restrictions for the first time since the beginning of the covid-19 pandemic. Tourism levels are reaching pre-pandemic levels, and even passing them in some countries. While your friends and family taking some days off somewhere, threat actors are working harder to harm your wallet […]
Read More >
How threat intelligence can protect your business from cyberattacks

How threat intelligence can protect your business from cyberattacks

Michael-Angelo Zummo | 18 Aug 2022
Cybersixgill’s takeaways from Black Hat USA 2022 Authors: Brad Liggett, Chris Strand, Michael-Angelo Zummo Recently, we attended the 25th annual Black Hat USA 2022 in Las Vegas the week of August 7 – and we were excited to be there. As one of the premier information security events, Black Hat brings together leading security experts, […]
Read More >
NFT Scamming on the Underground

NFT Scamming on the Underground

Adi Bleih | 16 Aug 2022
INTRODUCTION Blockchain products are ripe with cybercriminals and scammers chasing cash. But the bad actors and hackers targeting cryptocurrency and non-fungible tokens may not be whom you expect. NFTs are digital products, such as images or songs, that use the blockchain to represent proof of ownership. Creators sell NFTs on virtual markets that accept cryptocurrency […]
Read More >