Recorded Future Archives - Help Net Security

Recorded Future

OpenDXL Ontology: An open source language for connecting cybersecurity tools

February 24, 2020

The Open Cybersecurity Alliance (OCA) today announced the availability of OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common …

Which vulnerabilities were most exploited by cybercriminals in 2019?

February 6, 2020

Which ten software vulnerabilities should you patch as soon as possible (if you haven’t already)? Table of top exploited CVEs between 2016 and 2019 (repeats are noted by …

Recorded Future and ServiceNow offer faster incident response and third-party risk analysis

October 25, 2019

Recorded Future, the leading provider of security intelligence, announced a new relationship with ServiceNow to expedite security professionals’ decision-making …

Malware peddlers hit Office users with old but reliable exploit

June 10, 2019

Emails delivering RTF files equipped with an exploit that requires no user interaction (except for opening the booby-trapped file) are hitting European users’ inboxes, …

Insight Partners acquires Recorded Future for $780 million

May 30, 2019

Insight Partners has agreed to acquire a controlling interest in Recorded Future. The all-cash transaction values Recorded Future at more than $780 million and will accelerate …

PoC exploit for critical Apache Struts flaw found online

August 27, 2018

The Apache Software Foundation revealed last week the existence of a critical Apache Struts flaw (CVE-2018-11776) similar to the one exploited in the Equifax breach and urged …

Dragos to integrate ICS-specific threat intelligence with cyber intelligence partners

August 10, 2018

Dragos announced that its industrial control system (ICS) threat intelligence product, WorldView, will integrate with partner companies, ThreatConnect, Recorded Future, …

Counterfeit digital certificates for sale on underground forums

February 23, 2018

Signing malicious code with valid digital certificates is a helpful trick used by attackers to maximize the odds that malware won’t be flagged by antivirus solutions and …

Telegram-based Katyusha SQL injection scanner sold on hacker forums

July 12, 2017

Despite regularly achieving one of the top spots on the OWASP Top 10 list of the most critical web application security risks, injection vulnerabilities continue to plague …

For timely vulnerability information, unofficial sources are a better bet

June 7, 2017

From over 12,500 disclosed Common Vulnerabilities and Exposures (CVEs), more than 75% were publicly reported online before they were published to the NIST’s centralized …

Malware Hunter: Find C&C servers for botnets

May 3, 2017

Recorded Future and Shodan released Malware Hunter, a specialized crawler for security researchers that explores the Internet to find computers acting as remote access trojan …

Hacker breached 60+ unis, govt agencies via SQL injection

February 16, 2017

A hacker tied to the November 2016 penetration of the US Election Assistance Commission and subsequent database sale has successfully targeted 60+ government agencies and …