North Korea’s BeagleBoyz Resumes International Attacks Targeting Banks

North Korea’s BeagleBoyz team resumed its efforts to target banks worldwide with fraudulent money transfers and ATM cash outs. On August 26, the Cybersecurity and Infrastructure Security Agency (CISA) published Alert (AA20-239A) in coordination with th…

New Zealand Stock Exchange Suffers Second DDoS Attack in Two Days

New Zealand’s stock exchange suffered its second distributed denial-of-service (DDoS) attack within a matter of two days. According to Reuters, cash market trading on the floor of New Zealand’s Exchange (NZX) came to a halt at 11:24 local time on A…

RDP Used by Iranian Actors in International Dharma Ransomware Attacks

Iranian actors leveraged the Remote Desktop Protocol (RDP) as part of an international campaign to target companies with Dharma ransomware. Group-IB uncovered the campaign while conducting an incident response engagement for a Russian company in June 2…

How IT-OT Security Has Changed in the Wake of COVID-19

After the global outbreak of coronavirus 2019 (COVID-19), organizations quickly transitioned to remote work in order to enforce social distancing and to keep their employees safe. But this work-from-home arrangement opened up organizations to more risk…

University of Utah Paid Over $450K to Ransomware Attackers

The University of Utah paid a fee of more than $450,000 to attackers after they infected a portion of its servers with ransomware. On July 19, 2020, the Information Security Office (ISO) notified the university’s College of Social and Behavioral Scienc…

Drovorub “Taking systems to the wood chipper” – What you need to know

On August 15th the NSA and FBI published a joint security alert containing details about a previously undisclosed Russian malware. The agencies say that the Linux strain malware has been developed and deployed in real-world attacks by Russian military …

Snail Mail With a Privacy Twist

A friend of mine received an interesting piece of snail mail the other day. It was one of those inheritance scam letters that usually arrive in E-Mail. An image of the letter is shown below: In summary, the author, a high-ranking bank official, has an …

Decryption Tool Released for WannaRen Ransomware

Security researchers released a decryption tool that enables victims of WannaRen ransomware to recover their files for free. On August 19, Bitdefender announced that it had made a WannaRen decryption utility publicly available for download. The securit…

From Customer to Employee – A Tripwire Journey

Tripwire is very much a household name within the cybersecurity community. It’s been around from the early days of creating intrusion detection software that would later be known as File Integrity Monitoring (FIM) all the way through to deploying a portf…

Credential Stuffing Attacks Targeted GCKey, CRA Accounts

Malicious actors launched credential stuffing attacks that targeted Canada’s GCKey service and Canada Revenue Agency (CRA) accounts. On August 15, the Treasury Board of Canada Secretariat announced that the Government of Canada was in the process of re…