Latest Insights

Bug Bounty Programs – a Public Good that is a Necessity for Corporates, SMEs, and Individuals Alike

As the cyber threat landscape continues to evolve and threat actors increasingly target vulnerable external-facing assets, bug bounties present organizations with an opportunity to proactively identify and remediate vulnerabilities before they can be exploited by attackers. In today’s digital age, cyber threats have become increasingly prevalent, and enterprises are struggling to keep up with the…

Secure Your Holidays: The Case of Qakbot and Black Basta

On the eve of Christmas, a suspected Black Basta affiliate conducted a ‘quick and dirty’ attack on a global client, lending insight into the opportunistic targeting of victims during holiday downtime periods. The Significance of Dates The holidays are a time for rest and rejuvenation for most. But for attackers, the holidays present a timely…

Forecasting the Cyber Threat Landscape: What to Expect in 2023

In a blink of an eye, 2023 is upon us. As we bid farewell to another record-breaking year of increased disclosed vulnerabilities, ransomware incidents, phishing scams, data breaches, and crypto heists, it is hard not to imagine that this year will be any less eventful as threat actors aggressively lower the barriers to entry of…

LockBit 3.0: New Capabilities Unlocked

LockBit persists as the most prominent Ransomware-as-a-Service (RaaS) groups in 2022, showcasing heightened capabilities in their LockBit 3.0 iteration and a persistent nature to continuously evolve. As the LockBit RaaS group re-emerges with their new and improved ransomware, LockBit 3.0 (also known as LockBit Black), we observed new capabilities and a heightened sophistication based on…

Hong Kong and Singapore Citizens Actively Targeted by Large-Scale Global Smishing Campaign

PwC’s Dark Lab uncovers a large-scale smishing campaign actively targeting Hong Kong and Singapore citizens by masquerading as trusted and reputable locally based public and private postal service providers. On 21 September 2022 , PwC’s Dark Lab observed SMS phishing (smishing) activity targeting mobile users in Hong Kong. The message masqueraded as the postal service…

Phishing for Profit: Business Email Compromises

There are plenty of phish in the sea and they’re back with new tricks! Dark Lab responds to multiple business email compromise campaigns targeting Hong Kong. We outline two recent incidents, sharing the Tactics, Techniques, and Procedures (TTPs) observed, and recommendations on how to prevent, detect, and respond to a phishing attack. Business email compromise…

Loading…

Something went wrong. Please refresh the page and/or try again.