Black Kingdom Ransomware Jumps on the Exchange Express

When Microsoft announced that it discovered a state-sponsored threat group, Hafnium, was exploiting four separate zero-day vulnerabilities, the InfoSec community was already looking into their crystal ball to predict when other groups and cybercrimina…

When you go fighting malware don't forget your VT plugins

It’s been a year since we launched our VirusTotal plugin for IDA Pro, followed by SentinelOne’s amazing contribution to the community with their VirusTotal plugin for GHIDRA (thanks again for the great job), inspired by the original IDA plugin but addi…

REvil, Ryuk and Tycoon Ransomware: How They Work and How to Defend Against Them

It is the Tuesday morning after a long weekend. You come into work early to get caught up on emails only to find you are completely locked out. You have been hit by a ransomware attack. You ask yourself, “What happened? And how do I fix it?” This post …

Health Care Remains a Prime Target for Ransomware Attacks

It’s easy to be distracted by the flood of other distressing news each day, but the FBI, CISA and HHS recently urged the health care industry to stay on high alert for malware, especially ransomware attacks. The FBI’s warning included the statement, “…

International Action Targets Emotet Crimeware

Authorities across Europe on Tuesday said they’d seized control over Emotet, a prolific malware strain and cybercrime-as-service operation. Investigators say the action could help quarantine more than a million Microsoft Windows systems currently compromised with malware tied to Emotet infections.

Cyberattacks on Healthcare Spike 45% Since November

The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike.

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.