Blog
Our latest news.
Stay up-to-date with news and blog posts from ASMGi on how to bridge the gap to apply technology to solve business problems.
ASMGi Posts
Cyber Insurance: Making the Most of Your Policy
Preventing Breaches: The Power of Security Awareness Training
Webinar: Resiliency in the Face of Ransomware
Zero Trust: A Paradigm Shift in Cybersecurity
Unveiling Deception: How to Spot Scams Before They Spot You
Ransomware: Strategies for Safeguarding Your Digital Assets
Unraveling the Power of AI in Cybersecurity: Safeguarding the Digital Realm
Fortifying Cybersecurity Defenses
Optimizing Healthcare Cybersecurity Cost and Staffing: Balancing Resources and Risk in Healthcare
Leading Cybersecurity Companies GS Lab | GAVS and ASMGi Announce Strategic Partnership to Enhance Global Cyber Defense
Understanding the Importance of Third-Party Risk Management in Healthcare
Embracing Smart Manufacturing: Unveiling IoT Trends, Challenges, and Cybersecurity in the Era of Industry 4.0
Cybersecurity Update – Terin D. Williams – DHS – CISA
Real Life Cyber Attacks - Dec 1 Event
The age of IoT and AI is quickly advancing, demanding more compute power and lower latency at the edge to ensure quick response and great performance.
xIoT Device Risk: Turning the Industry Inside-Out
Cyber Insurance: Digital Risk Mitigation Plan From Financial Loss
AI In Healthcare
Cybersecurity News from Around the Web
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous...
Flying Under the Radar – Security Evasion Techniques
Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures. The Evolution of Phishing Attacks “I really like the saying that ‘This is out of scope’ said no...
Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp's Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud...
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 – Nov 24)
We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all the time, but what’s really going on behind those words? This week’s cybersecurity news isn’t just about hackers and headlines—it’s about how digital risks shape our lives in ways we might...
Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections
Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm security protections and ultimately gain access to the infected system. "This malware takes a more sinister route: it...
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the...
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that...
APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asynshell. The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft...
China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign
A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. "The attackers...
Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia
Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Recorded Future's Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat...