Security updates
Expand your knowledge of cybercrime with technical content from our very own SOC team. Each security update takes a deep dive into a vulnerability and offers you detailed insight into how best to protect you and your organisation. Leverage our expertise and secure your business, people and network.
At Cybanetix, we have conducted a thorough analysis of the emerging Ghost Stealer / GhostLord malware campaigns, an increasingly sophisticated threat targeting UK organisations across various sectors. Our research reveals the tactics, techniques and behaviours driving this new wave of credential theft, data exfiltration and persistence mechanisms observed in recent attempted intrusions.
If Ghost Stealer / GhostLord is on your radar, or if you want to ensure it becomes a threat your organisation can confidently defend against, we’re here to support you. Get in touch to access the report or find out how Cybanetix can help strengthen your security posture against emerging malware campaigns.
Our teams have been tracking a newly identified information-stealing malware called Noodlophile Stealer. Bad actors introduced Noodlophile to the public through the booming interest in AI tools by spreading fake AI video-generation websites on social media. Our report outlines the tactics, techniques, and behaviours of this new threat.
Whether you are currently monitoring Noodlophile Stealer or want to make sure your organisation is prepared to defend against it, we can help. Get in contact with us today to learn how Cybanetix can help reinforce your security posture against new malware campaigns.
In the latest research from our SOC, we have been monitoring the concerning PromptLock AI-assisted malware, a ransomware toolkit with an unprecedented architecture, offloading much of its malicious logic to an AI language model rather than relying solely on pre-written code. We have identified and detailed the tactics, techniques, and behaviours of this new threat in our new report.
If you are tracking PromptLock or aiming to stay ahead of this threat, we can assist. Contact us today to discover how Cybanetix can strengthen your organisation’s defences against evolving AI-assisted malware campaigns.
At Cybanetix, our team has been investigating the emerging XWorm RAT malware, a versatile tool allowing attackers to steal sensitive information, gain remote control of systems, and deploy additional payloads. Our investigation has uncovered the tactics, techniques, and behaviours used by the bad actors behind this multifaceted malware-for-sale operation.
Whether you’re already monitoring XWorm RAT or want to proactively protect your organisation against this threat, our team is ready to help. Contact us to learn how Cybanetix can help enhance your defences against the latest malware campaigns.
How to stop the modern-day bank heists!
Inside Man is a modern-day bank heist, where the main character commits the heist with the objective of exposing the bank owners’ nefarious activities, giving him the moral high ground and making it hard not to root for him. 🏦
Want to learn more about how DORA could have prevented the heist in Inside Man? Explore our full blog post to see how DORA would rewrite the script and prevent the attack from even happening in the first place. 👇
When Cybersecurity Doesn’t Save the Day… 🦇
In Christopher Nolan’s epic sequel ‘The Dark Knight’, Lucius Fox creates a cutting-edge device that turns laptops, phones, and even traffic lights into a powerful SONAR system. Batman then uses his epic echolocation skills to identify the Joker’s final location and ultimately defeat him. Hooray! 🎉
Heading to Infosec 2025?
You’ve got your boarding pass, your comfy shoes, and your hotel booked. But when it comes to your organisation’s security posture, have you packed the essentials?
We know conferences are busy, but while you’re out collecting swag and swapping business cards, attackers are still hard at work. So we created this Cybersecurity Packing Guide to help you think like a traveller – but act like a security leader.
At Cybanetix, we have conducted extensive research into the tactics and techniques employed in the recent attempted breaches at M&S, Co-Op, and Harrods. We recognise the importance of these findings for organisations like yours and we are eager to share our high-level insights to help bolster your cybersecurity efforts.
In addition to our research, we have developed a comprehensive suite of forensic tools, indicators of compromise, and posture checks. Our proactive threat-hunting initiatives have been successfully implemented across our customer base. If you’re interested in enhancing your organisation’s security posture, we’re here to help. Reach out to us to learn more about how we can assist you.
Wind the clocks back to 1995 and ransomware was a big enough threat that it inspired a movie: Hackers. The cult classic sees computer security officer Eugene Belford—a hacker known as The Plague—plant a virus designed to defraud his employer, Ellingson Mineral Corporation.
Let’s revisit the film with modern defence tools and see if we can stop The Plague’s attacks before they cause any harm.
Too often, modern-day cyber security incidents are action-packed with dramatic consequences. We have seen the British Library held to ransom [1], Florida’s water supply almost poisoned by a hacker [2], and PlayStation’s gamers in a real-life battle to protect their personal data [3]. But, back in 1993, it was a cyber security disaster movie making the headlines: Jurassic Park.
In the penultimate instalment, we dissect the risks associated with integrating LLMs in SOCs. From data privacy concerns to potential biases in models, understanding and mitigating these risks is crucial. We’ll provide insights and strategies to ensure a secure implementation that aligns with industry best practices.
As organisations contemplate integrating LLMs into their security frameworks, a critical decision arises – to build and train their own models or to consume LLM capabilities via security platform providers. Part two of our series weighs the pros and cons of both options, offering a comprehensive guide for end-users to make informed choices that align with their unique cybersecurity needs.
In the first instalment of our blog series, we dive into the landscape of Large Language Models (LLMs) in Security Operations Centres (SOCs). We explore the potential these models hold for enhancing threat detection, investigation, and response. Gain insights into the risks and opportunities that come with this revolutionary approach to cybersecurity.
I’m sure you’ve seen the headlines at the moment about the latest Microsoft security vulnerability, named “PrintNightmare”. Thus far, Microsoft’s two out-of-sequence patch releases have failed to address the issue. Here at Cybanetix, we have dissected the vulnerability and can share with you our findings, along with ways to mitigate, detect and secure your networks. This article is designed to be factual and to provide some perimeter information around the PrintNightmare problem.
IPinfo.io empowers Cybanetix SOC with real-time IP address and geolocation data, enhancing threat detection, incident response, and risk assessment. By swiftly identifying origins and patterns, IPinfo.io equips SOC analysts to proactively safeguard digital assets and counter emerging cyber threats.
IPinfo.io’s comprehensive database offers real-time information about IP addresses, including their geographical locations, autonomous system numbers (ASNs), internet service providers (ISPs), and more. This enables the Cybanetix SOC to swiftly identify and analyse the source of network activities, potentially identifying malicious actors, unauthorised access attempts, or suspicious traffic patterns.
