The Lynx Ransomware group has been increasingly active, employing sophisticated social engineering techniques and exploiting various vulnerabilities to conduct ransomware attacks on large organisations. Their TTPs include impersonation of IT staff and the abuse of legitimate tools to gain unauthorised access, culminating in data encryption and exfiltration. This post presents a technical analysis of a[…] Read
A newly discovered malware strain named LameHug is turning heads by becoming the first publicly documented malware to use a large language model (LLM) to generate real-time system commands during an active attack. Uncovered by Ukraine’s national CERT, the malware is believed to be linked to the Russian state-backed group APT28 (also known as Fancy[…] Read
Cyber threats are evolving faster than ever, and security teams are under immense pressure. A single missed signal can lead to devastating consequences. Traditional tools are no longer enough—organizations need AI-powered solutions that can outpace adversaries, uncover hidden risks, and respond with speed and precision. Enter Microsoft Security Copilot—the first generative AI security platform designed[…] Read
How Malicious AI is Reshaping the Threat Landscape Not long ago, artificial intelligence was seen as the key defender in cyber security, identifying threats, blocking malware and safeguarding networks. But what happens when AI joins the dark side? Welcome to the unsettling world of Dark AI, where artificial intelligence is weaponised to automate cyberattacks, outpace[…] Read
There have been an unprecedented number of cyber-attacks affecting large UK brands over the last few weeks, and this is understandably causing concern. At this point, the information available to us about these attacks is vague. This is normal in these circumstances because the organisations affected by these attacks will not want to compromise their[…] Read
CybaVerse are committed to equipping organisations with the knowledge and tools to combat sophisticated cyber threats. One such threat is Scattered Spider, a financially motivated hacking group known for its advanced social engineering tactics and ransomware attacks. Drawing from the National Cyber Security Centre’s (NCSC) Threat Hunting Guide on Scattered Spider (Version 1.0, dated 03/05/2025), this blog[…] Read
It’s that time again. The Windows operating system is becoming EOL (end of life). Everyone from small businesses to enterprises is looking for the right upgrade path from Windows 10 to Windows 11. Whether you’re on your own or working with a managed IT services provider, it’s time to determine how you’ll keep your computers secure[…] Read
Published by Garrett Wiesenberg, Corsica Technologies
The average cost of a data breach is $4.88M, according to IBM. Meanwhile, the cyberthreat landscape continues to evolve at an alarming pace. It’s not enough to implement MFA (multifactor authentication) and hope for the best. Cybersecurity requires expert thought leadership—and that starts in the C-suite. Yet not every organization can justify hiring a CISO (Chief[…] Read
Sometimes as a penetration tester, you instantly know there is an issue. However, simply explaining the security flaw isn’t sufficient, and you need to show why it’s an issue and how to exploit it! This is a narrative following a desktop application penetration test, doing just that. Firstly, it was noted that while the Desktop[…] Read
Managed network services are a lifesaver for overworked IT teams. Rather than monitoring network logs, troubleshooting switches, and working overtime to address vulnerabilities, you can engage a trusted partner to manage your network for you—typically as part of a managed IT support agreement. But not all network management providers are created equal. It’s hard to evaluate one provider[…] Read
Published by George Anderson, Corsica Technologies
