All Articles (2242)

The Snatch Ransomware group was first discovered at the end of 2019. The ransomware gained publicity due to its novel encryption method, in which it reboots the target machine into safe mode and disables a number of security services before encrypting files, limiting the likelihood of detection.

The Ransomware also differs from major groups as they use targeted attacks rather than large phishing campaigns to gain access to specific companies. The group has been described as a big game hunter tha

A rise in any price by 92% hurts.  That's real cash like money.  This is the kind of thing that starts cutting into your whole cyber budget.  The Wall Street Journal (WSJ) recently reported, "Many US cyber insurers dramatically increased their rates during 2021, alarmed by a rash of cyber-attacks that struck companies around the world and drew the attention of national governments.  Data from regulatory filings and collated by ratings agencies shows that among the largest insurers, direct writte

When a small business owner is faced with the responsibilities of production economics, financial reports and marketing all at the same time, cybersecurity can often appear complicated and unnecessary. However, this disregard for IT security is being exploited by cybercriminals.[1]  Researchers at Kaspersky report the dynamics of attacks on small and medium-sized businesses between January and April 2022 and the same period in 2021 to identify which threats pose an increasing danger to entrepren

There is serious legal reasoning that cyber-attacks against a nation’s critical infrastructure could be reasoned as a war crime.[1]  The University of California (UC), Berkeley Human Rights Center’s recent recommendations for war crime charges against the Sandworm hacking group, which were sent to the International Crimes Commission (ICC) before some of the most recent cyberattacks fully came to light, single out Sandworm’s two blackout attacks in 2015 and 2016 for legal and practical reasons: Sa

Before becoming a bug bounty hunter, Hector was living a completely different life.  Back in 2019, he lost his job.  With only a high school education, he bounced around to make ends meet.  He sold popcorn at the cinema, then cellphones, and eventually joined the Coast Guard.  Things got a bit more desperate as his debt compounded. Yet, he fought back.  He pivoted to odd jobs like washing dishes and doing chores for his abuela. He did what he could find for pocket change.[1]

Then one day, he saw

Activity Summary - Week Ending on 20 May 2022:

  • Red Sky Alliance identified 33,648 connections from new IPs checking in with our Sinkholes
  • InterServer Inc. has Issues
  • Analysts identified 1,553 new IP addresses participating in various Botnets
  • Sality remains our top Malware Variant
  • Apache Log4j and Log4j 2 still an issue / CVE-2021-44228
  • Nerbian RAT
  • Blind Eagle APT
  • SEGs and ICES
  • Wizard Spider in Russia

Link to full report: IR-22-140-001_weekly140.pdf

Wellington Wimpy used to say, “I'll gladly pay you Tuesday for a hamburger today.” The manager of a State of Illinois White Castle restaurant is seeking enforcement of the state's biometric data privacy law on behalf of all the chain's employees for what she claims is a decade of violations. The proposed class-action lawsuit against the fast-food chain, known for its hamburgers, alleges that fingerprint scans used to access restaurant computer systems violate the State of Illinois Biometric Inf

The very first version of what would become known as ‘email’ was invented in 1965 at Massachusetts Institute of Technology (MIT) as part of the university's Compatible Time-Sharing System.  Email, an old, tried and true method of communication, is still used for both good and bad purposes.  In Belgrade, a series of email bomb threats were sent on 16 May to Serbian government authorities.  The emails included threats against schools, bridges, restaurants and a soccer match, bringing its

Tesla Inc. CEO Elon Musk said SpaceX’s high-speed Internet service, Starlink, has held out against Russia’s cyberwar tactics amid the country’s ongoing invasion of Ukraine.

What Happened - Musk said last week that Starlink has resisted Russia’s “jamming & hacking attempts,” even as the Vladimir Putin-led country is ramping up efforts.  Musk linked his comment to a Reuters report that said Russia was behind a massive cyberattack against a satellite internet network that took tens of thousands of

Activity Summary - Week Ending on 13 May 2022:

  • Red Sky Alliance identified 35,648 connections from new IPs checking in with our Sinkholes
  • MS in Sydney Australia hit 134x
  • Analysts identified 1,442 new IP addresses participating in various Botnets
  • Black Basta
  • Stonefly APT
  • Magnus & Grim
  • Exploits in Ransomware used to Block Encryption
  • Risk-Based Cyber Security in the UK
  • Passwords
  • Ransomware Evolution

Link to full report: IR-22-133-001_weekly133.pdf

The supply chain provides the framework for the modern transfer of goods.  Logistics play a pivotal role from the acquisition of raw materials to the delivery of a final product to the end user.  Generally, the raw materials are transported to a supplier, who then transports the materials to a manufacturer.  The manufacturer creates a finished product that is then distributed to either a retailer or warehouse where the product is either sent to or carried out by the consumer.  Pictured below is a

Three people were handed years-long sentences in federal court on Wednesday for a range of crimes connected to a widespread hacking and identity theft campaign.  Alessandro Doreus, Jean Elie Doreus Jovin and Djouman Doreus pleaded guilty to conspiracy to commit fraud and aggravated identity theft in September 2021.  Prosecutors said they defrauded hundreds of people from 2015 to 2020 by gaining access to Social Security numbers, account numbers, usernames and passwords.

A US District Judge gave

In a recent US Department of Homeland Security (DHS) cyber-security bulletin, analysts emphasize the need to better protect Managed Service Providers (MSPs).  Cyber security authorities in the United Kingdom (NCSC-UK), Australia (ACSC), Canada (CCCS), New Zealand (NCSC-NZ), and the United States (CISA), (NSA), (FBI) are aware of recent reports that observe an increase in malicious cyber activity targeting MSPs and expect this trend to continue.[1]  The joint Cybersecurity Advisory (CSA) provides a

Researchers at Red Canary cyber intelligence have discovered a new Windows malware with worm capabilities that spreads using external USB drives.  This malware is linked to a cluster of malicious activity titled Raspberry Robin and was first observed in September 2021 (cybersecurity firm Sekoia tracks this malware as "QNAP worm").  Red Canary's Detection Engineering team detected the worm in multiple customers' networks, some in the technology and manufacturing sectors.

Raspberry Robin spreads t

Espionage comes in many forms. For the advanced persistent threat (APT) “UNC3524,” as dubbed by security company Mandiant, the objective is to collect emails dealing with corporate development, mergers & acquisitions, and corporate transactions.  “UNC3524” was first discovered in December 2019 and has been tracked since then.  The group’s corporate targets and interest in M&A plans point to financial motivation, however, the group’s ability to linger in a target environment while collecting emails, s

Ransomware has hit an Illinois college with devastating results.  It is shutting its doors permanently.  Lincoln College says it will close this week in the wake of a ransomware attack that took months to resolve.  While the impact of COVID-19 severely impacted activities such as recruitment and fundraising, the cyberattack seems to have been the tipping point for the Illinois college.

The college has informed the Illinois Department of Higher Education and Higher Learning Commission that it wi

Development teams need to consider the concept of secure design when developing applications. When coding any software, the main goal is to focus on security. Never leave protection and security until the end of development. It is important to note that any errors associated with this can damage the entire software.

Prevention is always better than mitigation. To avoid threats, we can use the following secure software development best practices: Validate input, Heed compiler warnings, Architect

Just who are your LinkedIn connections?  LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cybercriminals in phishing attacks and an estimated 52% of phishing attacks globally are focused on LinkedIn.

An elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed to evade detection since at least 2019.  Named by investigators "Operation CuckooBees," the massive intellectual property theft operation enabled the threat actor to exfiltrate hundreds of gigabytes of information.  Targets included technology and manufacturing companies primarily located in East Asia, Western Europe, and North America.  "The attackers targeted intellectual property develo