What is CVE-2025-0994?CVE-2025-0994 is a high-severity deserialization vulnerability in Trimble Cityworks, an asset management and work order software designed for local governments and utilities. The critical infrastructure sectors Cityworks services include water and wastewater systems, energy,
Continue ReadingCategory: Recorded Future
6 Threat Intelligence Outlooks and Strategies for 2025
As threat actors continually adopt new tactics using everything from generative AI to popular SaaS applications to e-skimmer kits CISOs and their teams need the latest and most in-depth threat intelligence to stay one step ahead.
Continue ReadingMunich Security Conference
OverviewThis document provides an overview of Recorded Futures Insikt Group intelligence reporting and analysis published during the 2025 Munich Security Conference. Links to the full reports are included. This brieng is personal and condential not for
Continue ReadingInside the Scam: North Korea’s IT Worker Threat
Executive SummaryIn an era in which remote work has become the norm, North Korea has seized the opportunity to manipulate hiring processes, using fraudulent information technology (IT) employment to generate revenue for the regime. North Korean
Continue ReadingWorking in Singapore at the World’s Largest Intelligence Company
Did you know? Recorded Future operates out of seven offices worldwide. Besides our US locations, we have offices in London, Gothenburg, Dubai, Tokyo, and Singapore. With over 42 nationalities and at least as many spoken languages,
Continue ReadingTAG-124’s Multi-Layered TDS Infrastructure and Extensive User Base
Analysis cut-off date: January 7, 2025Executive SummaryInsikt Group has identified multi-layered infrastructure linked to a traffic distribution system (TDS) tracked by Recorded Future as TAG-124, which overlaps with threat activity clusters known as LandUpdate808, 404TDS, KongTuke,
Continue Reading“Crazy Evil” Cryptoscam Gang: Unmasking a Global Threat in 2024
"Crazy Evil" Cryptoscam GangSince 2021, the "Crazy Evil" cryptoscam gang has escalated into one of the most prolific cybercriminal groups targeting digital assets. Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy Evil employs a
Continue ReadingCleo MFT: CVE-2024-50623
What is CVE-2024-50623CVE-2024-50623 is a critical unrestricted file upload and download vulnerability that could lead to remote code execution (RCE).What are the affected products?The vulnerability affects Cleo's managed file transfer (MFT) products Harmony, VLTrader, and LexiCom
Continue ReadingAnnual Payment Fraud Intelligence Report: 2024
SummaryThe 2024 Payment Fraud Intelligence Report from Recorded Future highlights a year of significant evolution in the fraud landscape, setting the stage for challenges in 2025. Key findings include a surge in stolen card data, with
Continue ReadingRedDelta: Chinese State-Sponsored Group Targets Mongolia, Taiwan, and Southeast Asia with Evolving Cyber Threats
Summary:Between July 2023 and December 2024, Insikt Group observed the Chinese state-sponsored group RedDelta targeting Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia with an adapted infection chain to distribute its customized PlugX backdoor. The group used lure
Continue Reading