f:["$","div",null,{"children":[["$","section",null,{"children":[["$","$L31",null,{"className":"PageHeader_backgroundVideo__ujRYj","src":"https://player.vimeo.com/video/879797927?h=b1ef0cd1cc"}],"$undefined",["$","div",null,{"children":["$","div",null,{"style":{"maxWidth":"800px"},"children":["$","div",null,{"children":[["$","h1",null,{"children":"Scenario Intelligence Library","data-accent-color":"$undefined","style":"$undefined","className":"rt-Heading rt-r-size-7 md:rt-r-size-8 rt-r-ta-center Heading_heading__Z2SWQ"}],["$","div",null,{"children":["$","span",null,{"children":"Browse our collection of deployment-ready threat scenarios that eliminate research time and strengthen your defenses immediately. Each scenario is supported by step-by-step implementation guides and customizable resources.","data-accent-color":"$undefined","style":{"display":"block"},"className":"rt-Text rt-r-ta-center"}],"style":"$undefined","className":"rt-Box rt-r-px-0 md:rt-r-px-9"}],["$","div",null,{"children":[["$","$L24","28473",{"link":{"target":"","title":null,"label":"Book 20-min Readiness Call","url":"Intercom('show');","type":"intercom","element":null,"__typename":"linkField_Link"},"style":{"boxSizing":"border-box"},"children":["$","button",null,{"data-disabled":"$undefined","data-accent-color":"","data-radius":"$undefined","style":"$undefined","className":"rt-reset rt-BaseButton rt-r-size-3 rt-variant-solid rt-Button Button_base__t7GeV Button_primary__EhHZP","disabled":"$undefined","children":["$undefined",["$","span",null,{"children":"Book 20-min Readiness Call","data-accent-color":"$undefined","style":"$undefined","className":"rt-Text rt-r-weight-bold"}],"$undefined","$undefined"]}]}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column xs:rt-r-fd-row rt-r-ai-center rt-r-jc-center rt-r-gap-4"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-gap-4"}],"className":"rt-Box"}],"style":"$undefined","className":"rt-Flex rt-r-jc-center PageHeader_content__7v2Pg"}]],"style":"$undefined","className":"rt-Section rt-r-size-3 PageHeader_base__bPWzS"}],["$","div",null,{"children":[["$","section",null,{"children":["$","div",null,{"children":[["$","h2",null,{"children":"Trending Scenarios","data-accent-color":"$undefined","style":"$undefined","className":"rt-Heading rt-r-size-4 md:rt-r-size-6 Heading_heading__Z2SWQ"}],["$","div",null,{"children":["$","$L32",null,{"items":[{"id":"13449","title":"Exploiting Unpatched or Zero-day Vulnerability in VPN or Firewall Solution","slug":"exploiting-unpatched-or-zero-day-vulnerability-in-vpn-or-firewall","uri":"app/scenarios/exploiting-unpatched-or-zero-day-vulnerability-in-vpn-or-firewall","postDate":"2023-06-19T20:48:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

When threat actors exploit unpatched or zero-day vulnerabilities in VPN solutions, their objective is commonly to gain unauthorized access to a target's network, circumventing security measures and potentially leading to data theft, malware deployment, or establishing a foothold for further malicious activities. This scenario outlines the attack chains employed by threat actors in such cases, derived from a comprehensive analysis of 2022-24 data and industry reporting.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"12934","title":"Most prevalent Business Email Compromise scams","slug":"business-email-compromise","uri":"app/scenarios/business-email-compromise","postDate":"2023-05-22T21:12:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Business Email Compromise (BEC) deceive victims into transferring funds or valuable items to the attacker. This scenario highlights key BEC attack sequences, derived from a thorough review and analysis of 2023 data and industry reports, with a particular focus on techniques such as supplier invoice scams, executive impersonation, gift card scams, email account takeover, and payroll diversion attacks.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"12086","title":"Software supply chain manipulation gaining unauthorised access to client environments","slug":"software-supply-chain-manipulation","uri":"app/scenarios/software-supply-chain-manipulation","postDate":"2023-03-10T07:55:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10646","height":2214,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.png","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.png","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.png","width":3648,"__typename":"images_Asset"}],"summary":"

Software is used in various aspects of a companies supply chain and adversaries actively compromise provider solutions to manipulate software and obtain indirect or direct unauthorized entry into a victim company. Our scenario offers a comprehensive perspective on the four key elements inherent to supply chain attacks, detailing both shared and distinct aspects within their respective attack chains.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"27044","title":"Threats to Machine Learning’s Underlying Models","slug":"threats-to-machine-learnings-underlying-models","uri":"app/scenarios/threats-to-machine-learnings-underlying-models","postDate":"2024-01-10T14:57:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2024-01-12T00:00:00+00:00","releaseDateString":"January 12th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

This Scenario focuses on several different ways that ML models can be targeted by attackers to manipulate the results. This scenario identified attacks both theoretical and those that have been observed in the wild. These attacks exploit vulnerabilities in LLM supply chains, as seen in incidents like a poisoned model uploaded to a major LLM repository. The integration of ML in systems continues to increase the risk of evasion techniques, for example compromising malware detection neural networks.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"13460","title":"Phishing attacks using Adversary-in-the-middle, Mark of the web bypass, and Telephone-Oriented Attack Delivery methods","slug":"hishing-attacks-using-adversary-in-the-middle-mark-of-the-web-bypass-and-telephone-oriented-attack-delivery-methods","uri":"app/scenarios/hishing-attacks-using-adversary-in-the-middle-mark-of-the-web-bypass-and-telephone-oriented-attack-delivery-methods","postDate":"2023-06-19T22:16:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Phishing aims to deceive victims into sharing sensitive information, obtaining data, or compelling certain actions that benefit the attacker, often employing social engineering tactics. Our scenario highlights key phishing attack sequences for clients, derived from current data and industry reporting, with a specific focus on techniques like Adversary-in-the-middle (AiTM), Mark of the web (MotW) bypass, and Telephone-Oriented Attack Delivery (TOAD) due to their notable significance and impact.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]}]}],"style":"$undefined","className":"rt-Box CourseScroller_sliderWrapper__MA3Vt"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-ai-stretch rt-r-gap-6"}],"style":"$undefined","className":"rt-Section rt-r-size-1"}],["$","section",null,{"children":["$","div",null,{"children":[["$","h2",null,{"children":"Trending Systems","data-accent-color":"$undefined","style":"$undefined","className":"rt-Heading rt-r-size-4 md:rt-r-size-6 Heading_heading__Z2SWQ"}],["$","div",null,{"children":["$","$L32",null,{"items":[{"id":"46971","title":"How to Create Your Stakeholder Matrix","slug":"how-to-stakeholder-matrix","uri":"app/systems/how-to-stakeholder-matrix","postDate":"2024-06-21T14:13:00+00:00","section":"systems","typeHandle":"system","showCountdown":true,"releaseDate":"2024-07-14T00:00:00+00:00","releaseDateString":"July 14th","image":[{"id":"10739","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SAVE-TIME.jpg","title":"USE CASE SAVE TIME","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SAVE-TIME.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SAVE-TIME.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

A stakeholder matrix is a crucial tool for identifying and \nmanaging stakeholders in any project, including threat intelligence. It \nhelps you prioritize stakeholders based on their level of influence and \ninterest.

This system provides a foundational understanding how stakeholders can optimize their use of (cyber threat) intelligence in their daily activities. Enabling them to leverage output for decision support in mitigating cyber threats.

Fundamental to every cyber threat intelligence program is the creation of a cyber threat intelligence process. This system offers practical guidance on setting up a structure for establishing a strong cyber threat intelligence process

Creating a strong threat landscape deliverable is key to presenting a clear narrative on threat and risk to an organization. This system details our approach to building successful and impactful threat landscape deliverables.

","features":[{"value":"Action Items","__typename":"contentListTable_TableRow"},{"value":"System","__typename":"contentListTable_TableRow"},{"value":"Templates","__typename":"contentListTable_TableRow"},{"value":"Workshop","__typename":"contentListTable_TableRow"}],"moduleCount":6,"scenarioCount":0,"__typename":"systems_system_Entry","promotions":["reseller-pro-license","knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months","q4-newsletter-free-systems-code"]},{"id":"12624","title":"How to Implement Scenario-based Threat Management","slug":"implementing-scenario-based-threat-management","uri":"app/systems/implementing-scenario-based-threat-management","postDate":"2023-04-25T09:03:00+00:00","section":"systems","typeHandle":"system","showCountdown":true,"releaseDate":"2024-07-09T22:00:00+00:00","releaseDateString":"July 9th","image":[{"id":"10739","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SAVE-TIME.jpg","title":"USE CASE SAVE TIME","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SAVE-TIME.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SAVE-TIME.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Implementing scenario-based threat management is a proactive approach to anticipate and address potential cyber threats before they manifest into real-world incidents. In this system we detailed practical steps to start with scenario-based threat management.

This system provides our approach to model risk by utilizing Attack Flow. This is our preferred method for visualizing and understanding potential attack paths in your organization’s security infrastructure. Attack Flow is an easy and effective way to help security teams to see how various vulnerabilities and threats could be exploited in sequence, offering a dynamic view of potential attack paths.

Building your own incident response playbooks is an effective way to prepare and respond to cyber threats quickly and effectively. This guide shows you how to make these playbooks fit your organization’s specific risks, so you’re always prepared for what’s out there. Making them threat-informed is even better, as this allows you to quickly adapt and align to developments in the threat landscape.

","features":[{"value":"Action Items","__typename":"contentListTable_TableRow"},{"value":"System","__typename":"contentListTable_TableRow"},{"value":"Template","__typename":"contentListTable_TableRow"}],"moduleCount":1,"scenarioCount":0,"__typename":"systems_system_Entry","promotions":["reseller-pro-license","knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months","q4-newsletter-free-systems-code"]}]}],"style":"$undefined","className":"rt-Box CourseScroller_sliderWrapper__MA3Vt"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-ai-stretch rt-r-gap-6"}],"style":"$undefined","className":"rt-Section rt-r-size-1"}],["$","section",null,{"children":["$","div",null,{"children":[["$","h2",null,{"children":"Upcoming","data-accent-color":"$undefined","style":"$undefined","className":"rt-Heading rt-r-size-4 md:rt-r-size-6 Heading_heading__Z2SWQ"}],["$","div",null,{"children":["$","$L32",null,{"items":[{"id":"66739","title":"How to Start Lean Cybersecurity","slug":"how-to-start-lean-cybersecurity","uri":"app/premium/how-to-start-lean-cybersecurity","postDate":"2024-06-18T12:13:00+00:00","section":"systemsPremium","typeHandle":"system","showCountdown":true,"releaseDate":"2025-10-04T00:00:00+00:00","releaseDateString":"October 4th","image":[{"id":"10741","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","title":"USE CASE THREAT INFORMED DEFENSES","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","width":1920,"__typename":"images_Asset"}],"summary":"$33","features":null,"moduleCount":1,"scenarioCount":0,"__typename":"systemsPremium_system_Entry","promotions":["reseller-pro-license","knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"66745","title":"How to Setup Agile Security Operations","slug":"how-to-setup-agile-security-operations","uri":"app/premium/how-to-setup-agile-security-operations","postDate":"2024-06-18T12:13:00+00:00","section":"systemsPremium","typeHandle":"system","showCountdown":true,"releaseDate":"2025-10-17T00:00:00+00:00","releaseDateString":"October 17th","image":[{"id":"10741","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","title":"USE CASE THREAT INFORMED DEFENSES","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","width":1920,"__typename":"images_Asset"}],"summary":"$34","features":null,"moduleCount":1,"scenarioCount":0,"__typename":"systemsPremium_system_Entry","promotions":["reseller-pro-license","knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"66727","title":"How to Setup an ISMS as Prompt","slug":"how-to-setup-isms-prompt","uri":"app/premium/how-to-setup-isms-prompt","postDate":"2024-06-18T12:13:00+00:00","section":"systemsPremium","typeHandle":"system","showCountdown":true,"releaseDate":"2025-11-28T00:00:00+00:00","releaseDateString":"November 28th","image":[{"id":"10741","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","title":"USE CASE THREAT INFORMED DEFENSES","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Information Security Management Systems (ISMS) provide a structured approach to managing risks and safeguarding sensitive information. They allow companies to comply with security standards like ISO 27001, which are essential for landing clients in regulated industries. With an ISMS, organisations demonstrate their commitment to information security and are able to build trust with clients. Because of this, many security teams frequently pivot to professional Governance, Risk Management and Compliance (GRC) tools to manage the complexity of their ISMS. However, these tools are often expensive and demand significant time and effort to implement. While they offer robust solutions, the cost and resource requirements can be prohibitive for small teams with limited budgets. In this system, we learn how to build an ISMS as prompt system, allowing security teams to write, deploy and maintain policies at unprecedented speed.

","features":null,"moduleCount":0,"scenarioCount":0,"__typename":"systemsPremium_system_Entry","promotions":["reseller-pro-license","knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"66709","title":"How to Setup Lean Vulnerability Management","slug":"how-to-setup-lean-vulnerability-management","uri":"app/premium/how-to-setup-lean-vulnerability-management","postDate":"2024-06-18T12:13:00+00:00","section":"systemsPremium","typeHandle":"system","showCountdown":true,"releaseDate":"2025-10-03T00:00:00+00:00","releaseDateString":"October 3rd","image":[{"id":"10741","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","title":"USE CASE THREAT INFORMED DEFENSES","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Vulnerability management is the primary mechanism for protecting an organisation’s digital assets. It is well known that unpatched vulnerabilities are a leading cause of data breaches. Without proper metrics, it is difficult to measure the effectiveness of a vulnerability management programme. Many lean teams rely on metrics provided by scanning tools, but these are often too generic. Instead, organisations should focus on developing leading metrics that offer a clear, actionable view of their vulnerability landscape while helping flag potential performance issues early on.

An asset management policy is a vital part of an Information Security Management System (ISMS). It sets out how an organisation identifies, classifies and protects its information assets throughout their lifecycle. For asset management policies, that means understanding asset management fundamentals and translating them into clear rules. This is what helps repeatedly pass audits without spending huge consulting sums. However, the bigger challenge is building the free tools and processes that keep asset management running at scale so you stay ready for future compliance demands. In this system we demystify both aspects to help you build an inexpensive asset management policy that is infinitely adaptable.

","features":null,"moduleCount":1,"scenarioCount":0,"__typename":"systemsPremium_system_Entry","promotions":["reseller-pro-license","knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"66725","title":"How to Boost Agile DevSecOps","slug":"how-to-boost-devsecops","uri":"app/premium/how-to-boost-devsecops","postDate":"2024-06-18T12:13:00+00:00","section":"systemsPremium","typeHandle":"system","showCountdown":true,"releaseDate":"2025-10-10T00:00:00+00:00","releaseDateString":"October 10th","image":[{"id":"10741","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","title":"USE CASE THREAT INFORMED DEFENSES","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","width":1920,"__typename":"images_Asset"}],"summary":"$35","features":null,"moduleCount":1,"scenarioCount":0,"__typename":"systemsPremium_system_Entry","promotions":["reseller-pro-license","knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"66733","title":"How to Run Lean Management Reviews","slug":"how-to-run-lean-management-reviews","uri":"app/premium/how-to-run-lean-management-reviews","postDate":"2024-06-18T12:13:00+00:00","section":"systemsPremium","typeHandle":"system","showCountdown":true,"releaseDate":"2025-10-17T00:00:00+00:00","releaseDateString":"October 17th","image":[{"id":"10741","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","title":"USE CASE THREAT INFORMED DEFENSES","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-THREAT-INFORMED-DEFENSES.jpg","width":1920,"__typename":"images_Asset"}],"summary":"$36","features":null,"moduleCount":1,"scenarioCount":0,"__typename":"systemsPremium_system_Entry","promotions":["reseller-pro-license","knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]}]}],"style":"$undefined","className":"rt-Box CourseScroller_sliderWrapper__MA3Vt"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-ai-stretch rt-r-gap-6"}],"style":"$undefined","className":"rt-Section rt-r-size-1"}],["$","section",null,{"children":["$","div",null,{"children":[["$","h2",null,{"children":"Insider Threat","data-accent-color":"$undefined","style":"$undefined","className":"rt-Heading rt-r-size-4 md:rt-r-size-6 Heading_heading__Z2SWQ"}],["$","div",null,{"children":["$","$L32",null,{"items":[{"id":"24184","title":"Malicious Exploitation of an Inadvertent Cloud Data Leak","slug":"malicious-exploitation-of-an-inadvertent-cloud-data-leak","uri":"app/scenarios/malicious-exploitation-of-an-inadvertent-cloud-data-leak","postDate":"2023-12-01T09:34:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2023-12-04T00:00:00+00:00","releaseDateString":"December 4th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

The objective of a cyber threat actor exploiting a data leak is to gain unauthorized access to valuable information, enabling activities such as financial gain, espionage, or other malicious purposes. This scenario, focused on a notable data leak exploitation sequence for our clients, stems from a review of 2022-2023 data and industry reporting, highlighting the increasing impact of cloud storage attacks due to the rising trend and frequency of data leaks.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"45859","title":"Pig Butchering and Insider Threat","slug":"pig-butchering-and-insider-threat","uri":"app/scenarios/pig-butchering-and-insider-threat","postDate":"2024-06-18T13:27:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2024-06-21T00:00:00+00:00","releaseDateString":"June 21st","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

This scenario focuses on pig butchering, a scheme perpetrated by financially motivated actors. It illustrates how a pig butchering attack can escalate into insider risk through the extortion of the victim, assuming the attacker is a well-resourced criminal organization capable of sophisticated tactics.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"25848","title":"Payment Card Fraud Committed via Web Skimming, Account Takeovers, and Physical Skimming Attacks","slug":"payment-card-fraud-committed-via-web-skimming-account-takeovers-atos-and-physical-skimming-attacks","uri":"app/scenarios/payment-card-fraud-committed-via-web-skimming-account-takeovers-atos-and-physical-skimming-attacks","postDate":"2023-12-29T08:45:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Payment card fraud involves illegal activities to gain unauthorized access to card information for financial gain. It is categorized into Card-Not-Present (CNP) and Card Present (CP), with CNP surpassing CP since 2020 due to changing habits and increased risks in CP transactions. The objective of payment card fraud is to illegally acquire and use payment card information of individuals for unauthorised financial gain.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"16961","title":"SIM Swapping Attack via Social Engineering the Mobile Network Provider","slug":"sim-swapping-attack-via-social-engineering-the-mobile-network-provider","uri":"app/scenarios/sim-swapping-attack-via-social-engineering-the-mobile-network-provider","postDate":"2023-10-19T11:27:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2023-11-24T00:00:00+00:00","releaseDateString":"November 24th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

SIM Swapping, a prevalent attack method since the early 2010s, enables threat actors to compromise Two-Factor Authentication (2FA) by gaining control of a victim's mobile number associated with various accounts, including banks and email. Attackers often impersonate victims, manipulate mobile network operators, and deceive employees into transferring the victim's number to a new SIM card they control, granting access to SMS messages, which may contain 2FA codes. Such attacks primarily pursue financial gain, although motivations also extend to account takeovers and other malicious objectives.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]}]}],"style":"$undefined","className":"rt-Box CourseScroller_sliderWrapper__MA3Vt"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-ai-stretch rt-r-gap-6"}],"style":"$undefined","className":"rt-Section rt-r-size-1"}],["$","section",null,{"children":["$","div",null,{"children":[["$","h2",null,{"children":"Malware Attacks","data-accent-color":"$undefined","style":"$undefined","className":"rt-Heading rt-r-size-4 md:rt-r-size-6 Heading_heading__Z2SWQ"}],["$","div",null,{"children":["$","$L32",null,{"items":[{"id":"12090","title":"Financially-motivated Ransomware and Ransomware-as-a-Service Attacks","slug":"ransomware","uri":"app/scenarios/ransomware","postDate":"2023-03-10T07:56:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10646","height":2214,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.png","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.png","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.png","width":3648,"__typename":"images_Asset"}],"summary":"

Ransomware is a common objective for attackers after infiltrating networks, using it to encrypt data and pressuring victims to pay a ransom along with the use of data theft and extortion in ransomware negotiations. Illustrating the attack sequences of a well-resourced ransomware group affiliate adhering to the Ransomware-as-a-Service (RaaS) model when targeting larger organizations, acknowledging that not all ransomware actors follow this precise pattern. This scenario specifically addresses financially-motivated ransomware actors targeting private sector organizations.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"12094","title":"Wiper malware targeting critical network components","slug":"wiper-campaigns","uri":"app/scenarios/wiper-campaigns","postDate":"2023-03-10T07:56:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10646","height":2214,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.png","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.png","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.png","width":3648,"__typename":"images_Asset"}],"summary":"

Wipers refer to malware used that deletes or overwrites existing files in an operating system, making the system unusable. Our research identified commonly leveraged attack chains employed by threat actors in their use of destructive malware while also establishing a common baseline for wiper activity. Extensive exploration of significant wipers that surfaced in 2022, categorizing them into shared or distinct attack chains, tactics, techniques, and procedures, and their overall activities.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"13443","title":"Cryptomining Malware Targeting AWS Cloud Infrastructure","slug":"cryptomining-malware-targeting-aws-cloud-infrastructure","uri":"app/scenarios/cryptomining-malware-targeting-aws-cloud-infrastructure","postDate":"2023-06-19T20:10:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Cryptomining malware attacks aim to covertly harness the computing resources of compromised machines for unauthorized cryptocurrency mining, impacting victims through diminished performance, heightened energy consumption, and potential cloud computing expenses. This scenario details methods employed by threat actors to maintain persistent malware in an AWS cloud environment for illicit cryptocurrency mining, all in pursuit of financial gain.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"16967","title":"Information Stealer Attack that uses Malicious Advertising and Search Engine Optimisation Poisoning","slug":"information-stealer-info-stealer-attack-that-uses-malicious-advertising-malvertising-and-search-engine-optimisation-seo-poisoning","uri":"app/scenarios/information-stealer-info-stealer-attack-that-uses-malicious-advertising-malvertising-and-search-engine-optimisation-seo-poisoning","postDate":"2023-10-19T11:29:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2023-11-10T00:00:00+00:00","releaseDateString":"November 10th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Info-stealer malware attacks infiltrate and harvest sensitive data from victim systems or networks, which is subsequently exploited for fraudulent activities such as identity theft, corporate espionage, or sold on underground markets. This scenario details significant info-stealer attack sequences, concentrating on malvertising and SEO poisoning of search engines, to provide insights into their growing use by threat actors and their impact on organizations based on 2023 data.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"16980","title":"Using botnets","slug":"botnets","uri":"app/scenarios/botnets","postDate":"2023-10-19T11:39:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2023-11-28T00:00:00+00:00","releaseDateString":"November 28th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Adversaries establish botnets by infecting computers with the primary aim of gaining unauthorized access to victim devices for their own advantage. This scenario highlights prevalent attack sequences, drawn from data and industry reports spanning 2022-2023, showcasing the versatile uses of botnets, including financial exploitation, disruption, and state-sponsored espionage.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]}]}],"style":"$undefined","className":"rt-Box CourseScroller_sliderWrapper__MA3Vt"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-ai-stretch rt-r-gap-6"}],"style":"$undefined","className":"rt-Section rt-r-size-1"}],["$","section",null,{"children":["$","div",null,{"children":[["$","h2",null,{"children":"Social Engineering Attacks","data-accent-color":"$undefined","style":"$undefined","className":"rt-Heading rt-r-size-4 md:rt-r-size-6 Heading_heading__Z2SWQ"}],["$","div",null,{"children":["$","$L32",null,{"items":[{"id":"12934","title":"Most prevalent Business Email Compromise scams","slug":"business-email-compromise","uri":"app/scenarios/business-email-compromise","postDate":"2023-05-22T21:12:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

","__typename":"scenarios_scenario_Entry","promotions":"$37"},{"id":"13460","title":"Phishing attacks using Adversary-in-the-middle, Mark of the web bypass, and Telephone-Oriented Attack Delivery methods","slug":"hishing-attacks-using-adversary-in-the-middle-mark-of-the-web-bypass-and-telephone-oriented-attack-delivery-methods","uri":"app/scenarios/hishing-attacks-using-adversary-in-the-middle-mark-of-the-web-bypass-and-telephone-oriented-attack-delivery-methods","postDate":"2023-06-19T22:16:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

","__typename":"scenarios_scenario_Entry","promotions":"$38"},{"id":"16961","title":"SIM Swapping Attack via Social Engineering the Mobile Network Provider","slug":"sim-swapping-attack-via-social-engineering-the-mobile-network-provider","uri":"app/scenarios/sim-swapping-attack-via-social-engineering-the-mobile-network-provider","postDate":"2023-10-19T11:27:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2023-11-24T00:00:00+00:00","releaseDateString":"November 24th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

","__typename":"scenarios_scenario_Entry","promotions":"$39"},{"id":"16984","title":"Financially-motivated Deepfake Attacks exploiting Biometric Verification, Company Share Price, and Virtual Job Interviews","slug":"financially-motivated-deepfake-attacks-exploiting-biometric-verification-company-share-price-and-virtual-job-interviews","uri":"app/scenarios/financially-motivated-deepfake-attacks-exploiting-biometric-verification-company-share-price-and-virtual-job-interviews","postDate":"2023-10-19T11:42:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2023-11-30T00:00:00+00:00","releaseDateString":"November 30th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Deepfake attacks aim to create convincing fake content, often utilizing advanced technology, to deceive or impersonate individuals or organizations for various harmful purposes, like spreading false information or committing fraud. In this scenario, we outline key deepfake attack methods, such as using social engineering and biometric tricks for financial fraud, impersonating executives to harm reputations or manipulate stock prices, and faking candidates in virtual job interviews to gain unauthorized access. These methods are highlighted based on their increased use and potential threats from financially motivated actors, as observed from 2022-2023 data.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"24178","title":"Watering Hole Attack via Compromised Windows Web Servers","slug":"watering-hole-attack-via-compromised-windows-web-servers","uri":"app/scenarios/watering-hole-attack-via-compromised-windows-web-servers","postDate":"2023-12-01T09:26:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2023-12-06T00:00:00+00:00","releaseDateString":"December 6th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Watering hole attacks intend infecting specific groups or organizations by compromising websites frequented by individuals like government officials and corporate executives, turning them into unwitting \"watering holes\". The presented scenario for clients, based on a thorough 2022-2023 data review, depicts an ongoing Watering Hole Attack campaign since early 2022. It underscores the escalating use of specific methods for data theft and espionage by threat actors.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]}]}],"style":"$undefined","className":"rt-Box CourseScroller_sliderWrapper__MA3Vt"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-ai-stretch rt-r-gap-6"}],"style":"$undefined","className":"rt-Section rt-r-size-1"}],["$","section",null,{"children":["$","div",null,{"children":[["$","h2",null,{"children":"Fraud","data-accent-color":"$undefined","style":"$undefined","className":"rt-Heading rt-r-size-4 md:rt-r-size-6 Heading_heading__Z2SWQ"}],["$","div",null,{"children":["$","$L32",null,{"items":[{"id":"45859","title":"Pig Butchering and Insider Threat","slug":"pig-butchering-and-insider-threat","uri":"app/scenarios/pig-butchering-and-insider-threat","postDate":"2024-06-18T13:27:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2024-06-21T00:00:00+00:00","releaseDateString":"June 21st","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

","__typename":"scenarios_scenario_Entry","promotions":"$3a"},{"id":"16961","title":"SIM Swapping Attack via Social Engineering the Mobile Network Provider","slug":"sim-swapping-attack-via-social-engineering-the-mobile-network-provider","uri":"app/scenarios/sim-swapping-attack-via-social-engineering-the-mobile-network-provider","postDate":"2023-10-19T11:27:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2023-11-24T00:00:00+00:00","releaseDateString":"November 24th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

","__typename":"scenarios_scenario_Entry","promotions":"$39"},{"id":"25848","title":"Payment Card Fraud Committed via Web Skimming, Account Takeovers, and Physical Skimming Attacks","slug":"payment-card-fraud-committed-via-web-skimming-account-takeovers-atos-and-physical-skimming-attacks","uri":"app/scenarios/payment-card-fraud-committed-via-web-skimming-account-takeovers-atos-and-physical-skimming-attacks","postDate":"2023-12-29T08:45:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

","__typename":"scenarios_scenario_Entry","promotions":"$3b"},{"id":"25857","title":"Tax Fraud: Exploiting Exfiltrated Personally Identifiable Information for Fraudulent Tax Transactions","slug":"tax-fraud-exploiting-exfiltrated-personally-identifiable-information-for-fraudulent-tax-transactions","uri":"app/scenarios/tax-fraud-exploiting-exfiltrated-personally-identifiable-information-for-fraudulent-tax-transactions","postDate":"2023-12-29T08:54:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10646","height":2214,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.png","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.png","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.png","width":3648,"__typename":"images_Asset"}],"summary":"

Tax refund fraud entails stealing a victim's information to file fake tax returns, causing significant losses at scale. The objective of this scenario is to showcase various tax fraud methods, including spear phishing and malware, based on industry reports from 2019 to 2023.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"26267","title":"Exfiltration: Emerging Methods of Data Theft","slug":"exfiltration-emerging-methods-of-data-theft","uri":"app/scenarios/exfiltration-emerging-methods-of-data-theft","postDate":"2024-01-02T15:21:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10646","height":2214,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.png","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.png","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.png","width":3648,"__typename":"images_Asset"}],"summary":"

Data exfiltration, as part of various other attack chains such as ransomware payments, espionage, and fraud, poses a significant threat to organizations. As the digital attack surface expands and remote work increases, attackers leverage various methods, targeting protective measures like Multi-Factor Authentication and data backup systems, resulting in a rising trend of incidents with substantial financial and operational consequences. This scenario explores emerging methods of Data Theft observed in 2023 and forecasted towards 2024.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]}]}],"style":"$undefined","className":"rt-Box CourseScroller_sliderWrapper__MA3Vt"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-ai-stretch rt-r-gap-6"}],"style":"$undefined","className":"rt-Section rt-r-size-1"}],["$","section",null,{"children":["$","div",null,{"children":[["$","h2",null,{"children":"Supply Chain Attacks","data-accent-color":"$undefined","style":"$undefined","className":"rt-Heading rt-r-size-4 md:rt-r-size-6 Heading_heading__Z2SWQ"}],["$","div",null,{"children":["$","$L32",null,{"items":[{"id":"12086","title":"Software supply chain manipulation gaining unauthorised access to client environments","slug":"software-supply-chain-manipulation","uri":"app/scenarios/software-supply-chain-manipulation","postDate":"2023-03-10T07:55:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":false,"releaseDate":null,"releaseDateString":null,"image":[{"id":"10646","height":2214,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.png","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.png","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.png","width":3648,"__typename":"images_Asset"}],"summary":"

","__typename":"scenarios_scenario_Entry","promotions":"$3c"},{"id":"28239","title":"Emerging Security Threats related to GitHub","slug":"emerging-security-threats-related-to-github","uri":"app/scenarios/emerging-security-threats-related-to-github","postDate":"2024-02-19T13:20:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2024-02-23T00:00:00+00:00","releaseDateString":"February 23rd","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

As the popularity of Github and other code repositories remains among software developers, it has become a cornerstone of collaborative coding and software deployment. However, this widespread usage also poses significant security challenges, as malicious actors exploit its functionalities for nefarious purposes. In this threat scenario we outline critical aspects emerging over the last year, leading to compromises or playing into wider software supply chain incidents.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"34163","title":"IoT Enabled Attacks: From Initial Access to Industrial Control System Compromise","slug":"iot-enabled-attacks","uri":"app/scenarios/iot-enabled-attacks","postDate":"2024-04-26T07:27:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2024-04-30T00:00:00+00:00","releaseDateString":"April 30th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

This scenario demonstrates how real-world cyberattacks are being performed against Industrial IoT systems, leading to compromise, disruption, and data theft. These attack chains were chosen to demonstrate how compromise of IIoT infrastructure can fully facilitate different types of attacks, or serve as an initial access vector for deeper penetration into industrial networks.

","__typename":"scenarios_scenario_Entry","promotions":["knauf-12-months","company-premium-code","sherpany-12-months","anwb-12-months"]},{"id":"27050","title":"Kubernetes Attacks via Vulnerability Exploitation, AWS Infiltration, and Container Break Out","slug":"kubernetes-attacks-via-vulnerability-exploitation-aws-infiltration-and-container-break-out","uri":"app/scenarios/kubernetes-attacks-via-vulnerability-exploitation-aws-infiltration-and-container-break-out","postDate":"2024-01-10T15:25:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2024-01-12T00:00:00+00:00","releaseDateString":"January 12th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

Kubernetes attacks aim to exploit the platform's cloud computing power for malicious purposes or as an entry point to gain deeper network access. The proliferation of Kubernetes infrastructure in organizations has expanded the attack surface for intruders, making unsecured cloud instances a prime entry point into Kubernetes clusters, especially as cyberattacks on cloud infrastructure increased significantly. This scenario details several dominant attack chains to attack Kubernetes or exploit Kubernetes to pursue additional objectives.

","__typename":"scenarios_scenario_Entry","promotions":"$3d"},{"id":"16961","title":"SIM Swapping Attack via Social Engineering the Mobile Network Provider","slug":"sim-swapping-attack-via-social-engineering-the-mobile-network-provider","uri":"app/scenarios/sim-swapping-attack-via-social-engineering-the-mobile-network-provider","postDate":"2023-10-19T11:27:00+00:00","section":"scenarios","typeHandle":"scenario","showCountdown":true,"releaseDate":"2023-11-24T00:00:00+00:00","releaseDateString":"November 24th","image":[{"id":"10740","height":1165,"hasFocalPoint":false,"focalPoint":[0.5,0.5],"path":"Usecases/USE-CASE-SIMPLIFY.jpg","title":"USE CASE SIMPLIFY","alt":null,"src":"https://api.venation.digital/uploads/images/Usecases/USE-CASE-SIMPLIFY.jpg","url":"https://api.venation.digital/uploads/images/Usecases/_1xAUTO_crop_center-center_none/USE-CASE-SIMPLIFY.jpg","width":1920,"__typename":"images_Asset"}],"summary":"

","__typename":"scenarios_scenario_Entry","promotions":"$39"}]}],"style":"$undefined","className":"rt-Box CourseScroller_sliderWrapper__MA3Vt"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-ai-stretch rt-r-gap-6"}],"style":"$undefined","className":"rt-Section rt-r-size-1"}]],"style":"$undefined","className":"rt-Flex rt-r-fd-column rt-r-p-4 md:rt-r-p-9 PageLayout_content__asai_"}]],"style":"$undefined","className":"rt-Box PageLayout_base__HnKuw PageLayout_full__aT2rL"}]

Scenario Intelligence Library

Trending Scenarios

Exploiting Unpatched or Zero-day Vulnerability in VPN or Firewall Solution

Most prevalent Business Email Compromise scams

Software supply chain manipulation gaining unauthorised access to client environments

Threats to Machine Learning’s Underlying Models

Phishing attacks using Adversary-in-the-middle, Mark of the web bypass, and Telephone-Oriented Attack Delivery methods

Trending Systems

How to Create Your Stakeholder Matrix

How to be a Cyber Threat Intelligence Consumer

How to Create Your Cyber Threat Intelligence Process

How to Create a Threat Landscape Deliverable

How to Implement Scenario-based Threat Management

How to Model Threat Scenarios in Attack Flow

How to Create Scenario-Based Incident Response Playbooks

Upcoming

How to Start Lean Cybersecurity

How to Setup Agile Security Operations

How to Setup an ISMS as Prompt

How to Setup Lean Vulnerability Management

How to Build Scalable Asset Management

How to Boost Agile DevSecOps

How to Run Lean Management Reviews

Insider Threat

Malicious Exploitation of an Inadvertent Cloud Data Leak

Pig Butchering and Insider Threat

Payment Card Fraud Committed via Web Skimming, Account Takeovers, and Physical Skimming Attacks

SIM Swapping Attack via Social Engineering the Mobile Network Provider

Malware Attacks

Financially-motivated Ransomware and Ransomware-as-a-Service Attacks

Wiper malware targeting critical network components

Cryptomining Malware Targeting AWS Cloud Infrastructure

Information Stealer Attack that uses Malicious Advertising and Search Engine Optimisation Poisoning

Using botnets

Social Engineering Attacks

Most prevalent Business Email Compromise scams

Phishing attacks using Adversary-in-the-middle, Mark of the web bypass, and Telephone-Oriented Attack Delivery methods

SIM Swapping Attack via Social Engineering the Mobile Network Provider

Financially-motivated Deepfake Attacks exploiting Biometric Verification, Company Share Price, and Virtual Job Interviews

Watering Hole Attack via Compromised Windows Web Servers

Fraud

Pig Butchering and Insider Threat

SIM Swapping Attack via Social Engineering the Mobile Network Provider

Payment Card Fraud Committed via Web Skimming, Account Takeovers, and Physical Skimming Attacks

Tax Fraud: Exploiting Exfiltrated Personally Identifiable Information for Fraudulent Tax Transactions

Exfiltration: Emerging Methods of Data Theft

Supply Chain Attacks

Software supply chain manipulation gaining unauthorised access to client environments

Emerging Security Threats related to GitHub

IoT Enabled Attacks: From Initial Access to Industrial Control System Compromise

Kubernetes Attacks via Vulnerability Exploitation, AWS Infiltration, and Container Break Out

Using botnets

SIM Swapping Attack via Social Engineering the Mobile Network Provider