Threat Landscape on BSG Blog — Cybersecurity Insights

MITRE D3FEND Framework: Complete Guide for Defensive Security

Thu, 29 Jan 2026 17:00:00 +0000

MITRE D3FEND is a knowledge graph of cybersecurity countermeasures that gives defenders a structured way to select, organize, and communicate defensive techniques. While MITRE ATT&CK catalogs how adversaries attack, D3FEND answers the follow-up question every blue team asks: what exactly should we do about it?

EUVD Database: Europe’s CVE Alternative Explained | BSG

Wed, 14 May 2025 11:11:06 +0000

As the MITRE-run CVE program faces operational challenges, Europe has quietly launched a significant alternative. The European Vulnerability Database (EUVD), developed by ENISA, officially went live in April 2025.

Though some viewed it as a reaction to MITRE’s instability, the EUVD was long in the making. Its creation was mandated under the NIS2 Directive (Articles 62–63), adopted in 2022, which required ENISA to develop a vulnerability database serving the EU digital ecosystem.

Cyber Incident Response Plan for Small Business [2025]

Sat, 03 May 2025 16:06:58 +0000

In today’s volatile cyber landscape, even small businesses are not immune to disruptive cyberattacks. Ransomware, phishing, and data breaches increasingly target companies of all sizes, and the ability to respond effectively can mean the difference between recovery and ruin. Interestingly, a valuable resource developed for UK local governments offers practical lessons for the private sector: the Local Government Association’s “Cyber Incident Grab Bag.”

CVE Under Threat: What You Need to Know

Wed, 16 Apr 2025 17:01:36 +0000

The Common Vulnerabilities and Exposures (CVE) program is one of the most critical pillars of modern cybersecurity. Without it, organizations around the world would struggle to identify, track, and prioritize vulnerabilities in software and hardware. But as of April 16, 2025, this essential system is facing a major disruption: the expiration of MITRE’s federal contract to operate the CVE program. Here’s what’s happening—and why you should care.

Preventing Crypto Exchange Hacks: Lessons from Bybit Heist

Wed, 26 Feb 2025 11:27:46 +0000

Bybit, a cryptocurrency exchange, recently suffered one of the largest crypto thefts in history, with attackers making off with $1.4 billion. The attack, attributed to North Korean cybercriminals, exploited vulnerabilities in Bybit’s security processes, leveraging malware and social engineering to bypass multi-signature protections. This blog post breaks down how the attack occurred, the techniques used by the attackers, and lessons for the crypto industry.

Cyber Kill Chain & MITRE ATT&CK Defense Guide | BSG

Thu, 06 Feb 2025 15:41:48 +0000

In today’s threat landscape, cyberattacks are more sophisticated and persistent than ever. Organizations need structured approaches to detect, analyze, and respond to threats effectively. Two critical frameworks that have shaped modern cybersecurity defense are the Cyber Kill Chain and the MITRE ATT&CK Framework. Understanding these models can significantly improve threat detection, incident response, and overall cybersecurity resilience.

2024’s Worst Cyberattacks: Security Lessons & Tips | BSG

Mon, 13 Jan 2025 23:47:29 +0000

2024 was a challenging year for cybersecurity, with some of the most significant data breaches and cyberattacks making headlines. In this article, we analyze the key breaches outlined in Wired’s article, “The Worst Hacks of 2024,” along with high-value reference sources to dive deeper into the methods attackers used and the lessons we can learn. For each breach, we summarize the incident, highlight the vulnerabilities exploited, and recommend actionable countermeasures to strengthen defenses.

Salt Typhoon: A Wake-Up Call for Telecom User Privacy

Mon, 30 Dec 2024 11:29:47 +0000

In late 2024, cybersecurity headlines were dominated by Salt Typhoon—a sophisticated cyber-espionage campaign attributed to Chinese state-sponsored actors. The attack targeted global telecommunications providers, exposing critical vulnerabilities in telecom infrastructure and endangering the privacy of millions. This campaign, while technically impressive, serves as a dire warning of how weaknesses in critical industries can have far-reaching implications for user privacy, corporate security, and even national resilience.

2024 EU Cybersecurity Insights

Mon, 09 Dec 2024 11:55:52 +0000

The 2024 EU Cybersecurity Report provides a detailed overview of the Union’s digital security challenges, key areas for improvement, and actionable strategies for stakeholders. As threats grow in complexity, this report highlights critical findings, emerging trends, and strategic recommendations to bolster the EU’s cybersecurity posture.

Zero-Day Vulnerabilities: A Growing Threat in Cyberattacks

Sat, 16 Nov 2024 14:07:05 +0000

A Shift in Cyberattack Tactics

The UK National Cyber Security Centre (NCSC), together with its counterparts from the US, Australia, Canada, and New Zealand, recently released a joint advisory warning about a growing trend among cyber attackers: the exploitation of zero-day vulnerabilities. These vulnerabilities, which are unknown to software vendors and developers at the time of the attack, present a unique and significant risk because they are exploited before a patch or fix is available. The advisory lists the top 15 vulnerabilities most frequently targeted in 2023, many of which were zero-days, highlighting a shift in the methods used by threat actors.

CVE-2022-0271: Leaflet Maps Marker SQL Injection Exploit

Mon, 08 Aug 2022 13:42:00 +0000

Introduction

In the ever-evolving landscape of cybersecurity, vulnerabilities can emerge in the most unexpected places. Recently, our team at BSG made a significant discovery: a SQL Injection vulnerability in the popular Leaflet Maps Marker plugin for WordPress (CVE-2022-1123). As with the previous discovery of CVE-2022-25854, Ihor Bliumental was directly involved. This discovery underscores the importance of proactive security measures and the need to address vulnerabilities promptly to safeguard WordPress websites.

CVE-2022-25854: Tagify npm Stored XSS Vulnerability

Tue, 10 May 2022 16:01:51 +0000

Preface

Due to the russian war on Ukraine, we are much less active on this blog and social media. However, some events make us hit the dust off the keyboard and share some information. For instance, a vulnerability is worth a CVE. We found this one in February 2022, and a few others are under review. Meanwhile, all BSG team members are safe, and we stay operational.

Social Engineering: What It Is and How to Prevent It?

Fri, 24 Sep 2021 07:29:48 +0000

Social engineering, according to its basic meaning, is the psychological manipulation of people with the primary goal of acquiring and disclosing confidential business and personal information.

It’s unnerving to think social engineering can happen anywhere and to anyone, but you can take steps to protect yourself and your business’s confidential sensitive data.