Mayhem Blog

Antoine Vastel from DataDome explains how detecting bots is an arms race: the better we get at detecting them, the more the bots evolve to evade detection.

You'd think there's an end-of-life procedure to erase personal health and network configuration information from medical devices. Deral Heiland says otherwise.

Ransomware is now old news. Attackers are skipping the encryption and simply extorting the exfiltrated data, according to Thomas “Mannie” Wilken.

Imagine a data dump of files similar to the Snowden Leaks in 2013, only this it’s not from the NSA but from NT Vulkan, a Russian contractor.

Rather than use backdoor exploits, attackers are stealing credentials going through the front door - sometimes from the tools we trust.

What if an OAUTH access token wasn’t deleted? This could expose databases to bad actors.

Esteban Jimenez of ATTI Cyber talks about his experience with the reconstruction of the cybersecurity system following the Conti ransomware attack.

Central and Latin America appear to be a new playground for bad actors testing new malware. But Central and Latin America are learning how to fight back.‍

Speaking at Black Hat 2023, Kelly Shortridge is bringing cybersecurity out of the dark ages by infusing security by design to create secure patterns and practices. It’s a subject of her new book on Security Chaos Computing, and it’s a topic that’s long overdue to be discussed in the field.