Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus

Credit to Author: Mickey Jin | Date: Wed, 15 Sep 2021 00:00:00 GMT

Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple’s BlastDoor security and give attackers access to a device without user interaction.


APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs

Credit to Author: Jaromir Horejsi | Date: Mon, 13 Sep 2021 00:00:00 GMT

We have continued tracking APT-C-36, also known as Blind Eagle, since our research on this threat actor in 2019. We share new findings of APT-C-36’s ongoing spam campaign targeting South American entities.


APT-C-36 Updates Its Long-term Spam Campaign Against South American Entities With Commodity RATs

Credit to Author: Jaromir Horejsi | Date: Mon, 13 Sep 2021 00:00:00 GMT

In 2019, we wrote a blog entry about a threat actor, known as APT-C-36 or Blind Eagle, targeting entities in Colombia and other South American countries with spam emails. We have continued tracking this threat actor, and here we share the new findings about APT-C-36’s ongoing spam campaign from that monitoring phase.


Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs


Microsoft has disclosed the existence of a new zero-day vulnerability that affects multiple versions of Windows. This vulnerability (designated as CVE-2021-40444) is currently delivered via malicious Office 365 documents and requires user input, namely opening the file, to trigger.


The Evolution of Connected Cars as Defined by Threat Modeling UN R155-Listed Attack Vectors

Credit to Author: Numaan Huq | Date: Thu, 02 Sep 2021 00:00:00 GMT

United Nations Regulation No. 155 sets requirements for cybersecurity in vehicles. We conducted a threat modeling exercise on its defined attack vectors as a form of risk assessment, to help organizations comply with this regulation and identify what to prioritize.
