Category: Dossiers
-
Read more: Real-World MFA Bypass Techniques in Recent Breaches (2024–2025)
Real-World MFA Bypass Techniques in Recent Breaches (2024–2025)
MFA bypass surged in 2024–2025 with AiTM kits, token theft, SIM swaps, and fatigue. From Tycoon 2FA to Change Healthcare, only phishing-resistant MFA holds.
-
Read more: From Chatrooms to Cartels: The Rise of Initial Access Brokers
From Chatrooms to Cartels: The Rise of Initial Access Brokers
Inside the hidden economy of Initial Access Brokers. Where stolen credentials and network footholds are packaged, priced, and sold to ransomware crews and cybercrime syndicates.…
-
Read more: CVE Weaponization: From Disclosure to Live Exploitation
CVE Weaponization: From Disclosure to Live Exploitation
From disclosure to exploit kit: how a small slice of CVEs get weaponized fast, why PoCs matter, and how defenders can cut the window.
-
Read more: Earth Lamia: China-Nexus APT Exploiting Web Application Flaws Across Asia
Earth Lamia: China-Nexus APT Exploiting Web Application Flaws Across Asia
China-linked APT Earth Lamia exploits web vulnerabilities across Asia using modular backdoors and custom privilege escalation tools.
-
Read more: Strategic CVE Exploitation: Why Context, Not Volume, Determines Risk
Strategic CVE Exploitation: Why Context, Not Volume, Determines Risk
Only 1–2% of CVEs are ever exploited. This strategic report proves why context, not volume, must drive your vulnerability management priorities.
-
Read more: Pegasus Spyware Lifecycle: Evolution of Zero-Click Surveillance
Pegasus Spyware Lifecycle: Evolution of Zero-Click Surveillance
Comprehensive dossier on Pegasus spyware: evolution, zero-click exploits, case studies, global abuse, and the surveillance arms race shaping digital sovereignty.
-
Read more: Initial Access Brokers Reshape Cybercrime Operations: 2020–2025 Threat Evolution
Initial Access Brokers Reshape Cybercrime Operations: 2020–2025 Threat Evolution
Initial Access Brokers are reshaping ransomware operations with cheap, privileged access sales—doubling activity from 2023–2025 despite global takedowns.
-
Read more: [Threat Actor Profile] Sandworm’s 2024–2025 Playbook — Infrastructure, Targets, TTPs
![[Threat Actor Profile] Sandworm’s 2024–2025 Playbook — Infrastructure, Targets, TTPs](https://noorstream.com/wp-content/uploads/2025/08/noorstream-sandworm.png)
[Threat Actor Profile] Sandworm’s 2024–2025 Playbook — Infrastructure, Targets, TTPs
Sandworm (APT44) GRU unit’s 2024–2025 playbook: ZEROLOT wiper, BadPilot access ops, and sector‑specific TTPs mapped to MITRE.
-
Read more: The Exploit Economy: How Zero-Days Are Bought, Sold, and Weaponized
The Exploit Economy: How Zero-Days Are Bought, Sold, and Weaponized
Insightful analysis of the 2023–2025 zero‑day exploit market: pricing trends, key actors, case studies and defensive strategies for enterprises and policymakers.
-
Read more: Verify Before You Reply: A Guide to Handling Unknown WhatsApp Messages
Verify Before You Reply: A Guide to Handling Unknown WhatsApp Messages
Threat WhatsApp continues to be a common platform for scams targeting Muslims — from fake charity collections to people pretending to be relatives in need.…