DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos

Following the discovery of Hafnium attacks targeting Microsoft Exchange vulnerabilities, the Cybereason Nocturnus and Incident Response teams proactively hunted for various threat actors trying to leverage similar techniques in the wild. In the…

Biden-Putin Summit and Why Threat Actors Just Won’t Give it a Rest

On June 11, McDonald’s said in a message to its U.S. employees that it had discovered unauthorized activity on an internal security system. The burger chain responded by bringing on some external consultants to investigate what had happened, repor…

The Line in the Sand: How We Respond Today Impacts Our Security Tomorrow

In the past few months, we’ve faced massive attacks with SolarWinds and the HAFNIUM attacks targeting Microsoft Exchange, followed by the unprecedented ransomware attack by DarkSide that crippled US critical infrastructure. It is time to ask ourse…

Malicious Life Podcast: China’s Unrestricted Cyberwarfare Part 2

In China’s Unrestricted Cyberwarfare Part 1 we explored the story of two Chinese military officers, veterans of the semi-conflict with Taiwan, who helped shape the role of cyber in modern warfare in China and beyond with special guest Lieutenant C…

New Cybersecurity Executive Order: Will It Have Impact?

The state of the threat landscape in general, and incidents like the recent ransomware attack against Colonial Pipeline, demand that we take immediate action to improve cybersecurity defenses. The recent executive order (EO) on cybersecurity from P…

Malicious Life Podcast: The Untold Story of the RSA Breach Part 2

In March of 2011, security vendor RSA was the target of an attack that compromised sensitive data related to the company’s flagship SecurID product, a solution that was in use by thousands of high-profile clients around the world including the U….

Malicious Life Podcast: The Untold Story of the RSA Breach Part 1

In March of 2011, security vendor RSA was the target of an attack that compromised sensitive data related to the company’s flagship SecurID product. The solution was in use by thousands of high-profile clients around the world, including the U.S….

DarkSide Gang and the New Golden Age of Piracy

Late on Friday May 7, 2021, Colonial Pipeline, the company that runs the largest gasoline pipeline in the US, shut down operations following a ransomware attack on their systems. It later emerged that a relatively new ransomware-as-a-service crimi…

Inside the DarkSide Ransomware Attack on Colonial Pipeline

On May 8, the Colonial Pipeline Company announced that it had fallen victim to a ransomware attack a day earlier. The pipeline operations include transporting 100 million gallons of fuel daily to meet the needs of consumers across the entire easte…

Malicious Life Podcast: China’s Unrestricted Cyberwarfare Part 1

Back in the 1990s, cyberwarfare was a word rarely used in the West – and definitely unheard of in China, which was just taking its first steps on the Internet. Two Chinese military officers, veterans of the semi-conflict with Taiwan, helped shape …