You wouldn’t drive without a seat belt. You wouldn’t leave your office unlocked overnight. So why go online without multifactor authentication (MFA)? MFA is like a second lock on your digital door. Instead of relying on just a password which can be stolen, guessed, or phished it adds another layer of protection, such as a[…] Read
Defense contractors have anticipated the full implementation of CMMC (Cybersecurity Maturity Model Certification) for some time now. On September 10, 2025, the Federal Register published the DFARS Final Rule, giving defense procurement officers the power to require CMMC compliance—both in new contracts and renewals of existing contracts. In other words, CMMC compliance is now required for any contractor[…] Read
Artificial intelligence has become the sharpest double-edged sword in cyber security. On one side, defenders are using it to detect threats faster, triage incidents, and reduce noise. On the other hand, attackers are bending the same technology into weapons that are faster, stealthier, and harder to predict than anything we’ve faced before. We’re already seeing[…] Read
AI has changed the world of cybersecurity forever. New threats are appearing that were unthinkable before AI. Leaders in IT and business are asking themselves tough questions: “Are we educated on the latest AI cyber attacks?” “Is our team familiar with phishing email examples—and how AI makes them even more powerful?” “Are we using the latest[…] Read
The Lynx Ransomware group has been increasingly active, employing sophisticated social engineering techniques and exploiting various vulnerabilities to conduct ransomware attacks on large organisations. Their TTPs include impersonation of IT staff and the abuse of legitimate tools to gain unauthorised access, culminating in data encryption and exfiltration. This post presents a technical analysis of a[…] Read
A newly discovered malware strain named LameHug is turning heads by becoming the first publicly documented malware to use a large language model (LLM) to generate real-time system commands during an active attack. Uncovered by Ukraine’s national CERT, the malware is believed to be linked to the Russian state-backed group APT28 (also known as Fancy[…] Read
Cyber threats are evolving faster than ever, and security teams are under immense pressure. A single missed signal can lead to devastating consequences. Traditional tools are no longer enough—organizations need AI-powered solutions that can outpace adversaries, uncover hidden risks, and respond with speed and precision. Enter Microsoft Security Copilot—the first generative AI security platform designed[…] Read
How Malicious AI is Reshaping the Threat Landscape Not long ago, artificial intelligence was seen as the key defender in cyber security, identifying threats, blocking malware and safeguarding networks. But what happens when AI joins the dark side? Welcome to the unsettling world of Dark AI, where artificial intelligence is weaponised to automate cyberattacks, outpace[…] Read
There have been an unprecedented number of cyber-attacks affecting large UK brands over the last few weeks, and this is understandably causing concern. At this point, the information available to us about these attacks is vague. This is normal in these circumstances because the organisations affected by these attacks will not want to compromise their[…] Read
CybaVerse are committed to equipping organisations with the knowledge and tools to combat sophisticated cyber threats. One such threat is Scattered Spider, a financially motivated hacking group known for its advanced social engineering tactics and ransomware attacks. Drawing from the National Cyber Security Centre’s (NCSC) Threat Hunting Guide on Scattered Spider (Version 1.0, dated 03/05/2025), this blog[…] Read
