Resecurity

Resecurity supported Microsoft’s Digital Crimes Unit (DCU) in its disruption of Fox Tempest, a financially motivated threat actor operating a malware-signing-as-a-service (MSaaS) capability used by cybercriminals to make malicious files appear legitimate. On May 19, 2026, Microsoft unsealed a legal case in the U.S. District Court for the Southern District of New York targeting Fox Tempest, a cybercrime service that abused Microsoft Artifact Signing to obtain fraudulent code-signing certificates. As part of the disruption, Microsoft seized the Fox Tempest website signspace[.]cloud, took offline hundreds of virtual machines used in the operation, blocked access to infrastructure hosting the underlying code, and revoked *more than 1,000 code-signing certificates* attributed to Fox Tempest. Microsoft also noted coordination with Europol’s European Cybercrime Centre (EC3) and the Federal Bureau of Investigation (FBI), underscoring the importance of public-private collaboration in disrupting cybercrime infrastructure. Learn more: https://lnkd.in/gQ5CRVJk #cybercrime #cybercriminals #darkweb #digital #fraud #certificates #espionage #ransomware #threatintelligence #threathunting #malware #ransomware #lawenforcement

Today, Microsoft unsealed a legal case in the U.S. District Court for the Southern District of New York focused on Fox Tempest. Resecurity collaborated with the Digital Crimes Unit (DCU) to explore how Fox Tempest operates and joined efforts to target this group, and its core infrastructure. Why this matters: services like Fox Tempest are critical enablers in today’s ransomware ecosystem. By making malicious software look legitimate, they increase both the effectiveness and scale of attacks. Disrupting these services upstream helps stop attacks earlier in the attack chain and better protect victims downstream. Additionally, the fraudulent code-signing tool developed by Fox Tempest was identified in the deployment of a number of malware strains including Aurora, Lumma Stealer, Malcert, Oyster, Vidar and many more. It was also spotted in some campaigns deployed by MuddyWater, a cyber-espionage group attributed by several experts to Iran's Ministry of Intelligence and Security (MOIS). Among the countries most targeted by Fox Tempest were the US, France and India, followed by China, Brazil, Germany, Japan, the UK, Italy and Spain. Learn more: https://lnkd.in/griDGVE7 #cybercrime #cybercriminals #darkweb #espionage #ransomware #threatintelligence #threathunting #malware #ransomware #lawenforcement

BCIU in partnership with Resecurity and RTX, hosted a dinner roundtable in Doral, Florida, on the margins of the BCIU reception with U.S. Ambassadors and Chiefs of Mission Serving in the Western Hemisphere, for a discussion on security and stability in the region. The conversation focused on advancing a secure and prosperous hemisphere through strengthened defense and security cooperation, alongside enhancing regional stability and resilience. The discussion also examined the role of public-private partnerships in protecting critical infrastructure and securing supply chains, and explored deeper collaboration on maritime security, transnational threats, and regional defense priorities. We are grateful to Christopher Landberg, Senior Bureau Official at the Bureau of International Narcotics and Law Enforcement Affairs, U.S. Department of State; The Honorable Ronald Johnson, Ambassador of the United States to Mexico; Jarahn Hillsman, Chargé d'Affaires at U.S. Embassy Bogotá, Colombia; Lawrence Petroni, Chargé d'Affaires at U.S. Embassy Quito; and Isabella Cascarano, Deputy Assistant Secretary for the Western Hemisphere at the International Trade Administration, U.S. Department of Commerce, for sharing their expert insights on evolving security threats. Business Council for International Understanding (BCIU) RTX #Cybersecurity #WesternHemisphere #SOUTHCOM #Defense #Technology #DefenseCooperation #RegionalSecurity #CriticalInfrastructure #LawEnforcement #MaritimeSecurity #ThreatIntelligence #RiskManagement #SupplyChainSecurity #PublicPrivatePartnership #BCIU

Resecurity is tracking the exploitation of CVE-2026-20182, a critical authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controllers and Managers. The U.S. Cybersecurity and Infrastructure Security Agency added the flaw to its catalog of known exploited vulnerabilities (KEV) and gave federal agencies until Sunday (yesterday) to fix it. The authentication bypass vulnerability, initially identified as zero-day, with a CVSS score of 10, stems from a broken peering authentication mechanism in the vdaemon service. It allows attackers to manipulate SD-WAN's network configuration remotely and grants admin access to vulnerable network devices. The new vulnerability exploitation campaign comes at a critical time, as Cisco announced last week a layoff of 4,000 employees in an AI-focused restructuring. Learn more: https://lnkd.in/g3t2frW9 #authentication #cybersecurity #cisco #network #devices #threatintelligence #threathunting #secops #security #sdwan #zeroday #vulnerability

Kudos to the Resecurity Brasil team for a successful exhibition at SPIW 2026 in São Paulo! Brazil, a robust digital powerhouse, leads Latin America in mobile connectivity, with rapidly rising Internet penetration—over 180 million connected users—and a vibrant technology ecosystem. ▪️ The General Data Protection Law (LGPD), modeled after the EU’s GDPR, plays a critical role in regulating data privacy and security. Resecurity solutions enable enterprises to remain compliant and protected. ▪️ The government has implemented updated strategies, such as the E-Ciber framework and the upcoming National Cybersecurity Plan, to strengthen its defenses. The role of Cyber Threat Intelligence and Risk Management by Resecurity will become key in protecting critical infrastructure. ▪️ With widespread adoption of fintech, e-commerce, and digital banking, Brazil is facing targeted cyber attacks and fraudulent activity targeting PIX, creating a precursor to a shadow economy. To safeguard consumers and enterprises, Resecurity offers Fraud Prevention and Identity Protection solutions localized in Portuguese, and provided via our local channel partners. Obrigado a todos pelo carinho, apoio e energia positiva de sempre. ✨ #ai #brazil #cybersecurity #compliance #cloud #darkweb #dataprotection #digital #defense #data #fraudprevention #infosec #innovation #threatintelligence #threathunting #riskmanagement #riskintelligence #saas #software #security #technology #latam #SãoPaulo #SPIW2026

Resecurity is enjoying São Paulo Innovation Week 2026 (SPIW). Our team was truly excited to meet our esteemed customers and local partners in Brazil, as well as to build new alliances to accelerate cybersecurity in the country 🇧🇷 ! SPIW stands out as one of the largest innovation and technology events in Latin America. This year, the event attracted over 40,000 people, with the exhibition and networking area exceeding 20,000 m² at the Mercado Livre Arena Pacaembu . Please come by our booth to meet the Resecurity Brasil team, and join us at the upcoming session dedicated to the trust and safety of modern AI systems. Meta Oracle Motorola Solutions PD7 Tech #ai #brazil #cybersecurity #compliance #darkweb #dataprotection #digital #defense #data #infosec #innovation #threatintelligence #threathunting #riskmanagement #riskintelligence #saas #software #security #technology #innovation #latam #SãoPaulo #SPIW2026

Resecurity is exhibiting at São Paulo Innovation Week 2026 (SPIW), taking place May 13–15, 2026, in Brazil. The event is being held at the Mercado Livre Arena Pacaembu and FAAP - Fundação Armando Alvares Penteado. Being an official member of the Brazilian-American Chamber of Commerce (BrazilCham), Resecurity is successfully engaging with public and private sector stakeholders across Brazil’s innovation ecosystem to accelerate cybersecurity and facilitate resilient digital transformation across national critical infrastructure. https://lnkd.in/eT9WpX2M #brazil #cybersecurity #compliance #darkweb #dataprotection #digital #defense #data #infosec #innovation #threatintelligence #threathunting #riskmanagement #riskintelligence #saas #software #security #technology #innovation #latam #SPIW2026

Resecurity had the privilege of participating in a breakfast roundtable in Washington, DC, with The Honorable Thomas DiNanno, Under Secretary for Arms Control and International Security at the U.S. Department of State. Under Secretary DiNanno shared an update on the implementation of the America First Arms Transfer Strategy Executive Order and a wide range of international security topics. We are grateful to Under Secretary DiNanno for sharing his time and perspective on the key priorities shaping U.S. international security policy. Business Council for International Understanding (BCIU) Boeing #StateACN #Compliance #Nonproliferation #EmergingTech #ArmsControl #InternationalSecurity #NationalSecurity #BCIU h/t Nisha Wadhawan and Jeffrey Donald

According to Resecurity, the loss of Venezuela as a permissive environment has disrupted long-standing safe havens for operatives tied to Iran’s Islamic Revolutionary Guard Corps (IRGC) and Hezbollah. Our analysis shows that Iran-linked communities maintain a significant presence across the region, including in Argentina, Bolivia, Brazil, Colombia, Costa Rica, Cuba, Ecuador, Honduras, Mexico, Nicaragua, Paraguay and Peru. Using graph-based analysis and AI tools, our HUNTER team mapped key actors and network structures, drawing on metadata such as phone numbers, email addresses, and IP data to support law enforcement targeting. https://lnkd.in/e8sP8VYx #cyberintelligence #data #defense #technology #mobile #devices #lawenforcement #intelligence #threatintelligence #threathunting #riskmanagement #riskintelligence #osint #security #latam #venezuela #iran

Resecurity had a great time at the ISACA 2026 North America Conference, a premier event for IT audit, governance, risk, and cybersecurity professionals. ▪️ Our product team showcased how Resecurity enables Fortune 100 enterprises and government agencies to reimagine cybersecurity operations, digital identity, and privacy by design, leveraging AI-powered ERMM (External Risk Mitigation & Management) solutions. ▪️ It was a pleasure to meet our customers and channel partners not only from North America but also from other regions, who arrived for training and certifications. Our products are widely used for cyber risk assessment and intelligence collection, enabling professionals to navigate the constantly changing threat landscape. ▪️ A huge thank you to the organizers, speakers, and all the professionals who stopped by to engage with us. Events like these are pivotal in fostering collaboration and advancing cybersecurity practices across industries. #ai #cybersecurity #cyberrisk #compliance #dataprotection #databreach #darkweb #grc #threatintelligence #threathunting #riskmanagement #riskintelligence #security #infosec #saas #isaca #northamerica