A Switch From the Norm - A New Malware Infection Chain

April 1, 2022

Top 10 Web Application Vulnerabilities Pt. 1

Web Application’s are an attackers first choice when trying to compromise an organization. By being one of the few attack vectors that face the public, if not secured correctly, they can be an easy way for attackers to gain a foothold in your organization. In this post we will talk about the vulnerabilities in Web Applications that the OWASP Foundation has highlighted as “Most Critical”.

April 1, 2022

Suspected UNC 1151 Attacks as Ukraine Conflict Continues

March 2, 2022

The Anatomy of a Cyber Attack

The rate of cyber-attacks has escalated exponentially in the past year. According to Reuters, cybercrime has risen 500% since the beginning of the pandemic. As a lot of companies are turning to remote work, attackers are finding new ways to exploit this along with the multitude of options already available to them. Although stopping attackers from gaining access may seem like a daunting task, by understanding the entire process, from initial reconnaissance to system compromise, we can be better prepared to stop an attack before it does real damage.

March 2, 2022

BlackCat Ransomware

A ransomware group using Rust programming language and with ties to DarkSide & BlackMatter has been increasing their activity as many organizations have fallen victim to their ransomware.

February 2, 2022

#LeakTheAnalyst

The group responsible for hacking Mandiant analyst back in 2017 has made their return, according to Forum chatter and a new website.

February 1, 2022

A New Campaign From Lazarus Group

Lazarus Group (also known by other monikers such as Zinc, HIDDEN COBRA, and APT 38) is a cybercrime group made up of an unknown number of individuals run by the North Korean state. Researchers have attributed many cyberattacks to them between 2010 and 2021. The Lazarus Group has strong links to North Korea.

January 3, 2022

The Return of Emotet

In early 2021, an international law enforcement operation coordinated by Europol and Eurojust took over the Emotet infrastructure and arrested two individuals related to the group. Now, in late 2021, Emotet has been revived and improved, and has been gradually increasing its activity.

January 3, 2022

Introduction to Threat Modeling

The attack and defense sides of security are constantly changing. As part of handling this change, organizations should continually reassess and evolve their defenses. This process is called Threat Modeling and is a proactive approach to protecting your organization against threats.

December 13, 2021

The Downfall of REvil

One of the most infamous ransomware gangs, REvil, may have been permanently brought offline thanks to law enforcement activity. Several arrests of cyber criminals related to REvil have been made and their one of their leader named “Unknown” has been missing. REvil servers are currently offline and many in the DarkWeb Forum communities believe this the end of REvil.

December 3, 2021

Yanluowang Ransomware

November 3, 2021

Do You Need an MDR Solution?

Malware and Ransomware is only getting more complex over time. Find out if your organization could benefit from a MDR solution.

November 3, 2021

Lockbit 2.0

While Darkside may have rebranded as BlackMatter and REvil took a short break in July, the LockBit 2.0 ransomware group is gradually amassing an immense number of victims and continue to successfully make less noise than their counterparts.

September 23, 2021

Top 5 Endpoint Security Solutions of 2021

Data security has been a major issue for small and midsize businesses and the enterprise sector alike for decades. However, recent events have catapulted next generation endpoint security solutions back into a top spot in the list of must needs for many data security officers.

August 19, 2021

Prometheus TDS – A Whole New Cybercrime Ecosystem

A new cybercrime service is being offered on the DarkWeb to help malware gangs distribute their malicious payloads through hacked websites

August 17, 2021

BlackMatter - A Possible Successor to Darkside and REvil

After the disappearance of two of the top ransomware gangs, a new group called BlackMatter appears in the DarkWeb to take their place.

August 15, 2021

Conti Ransomware

The case for a defense in depth approach to securing our networks.

July 5, 2021

Five Most Wanted Ransomware Operations of 2021

The last half-decade has seen a huge increase in financially motivated malware attacks and specifically the use of ‘ransomware.’ Once a rarity or a topic of a science fiction narrative, cybercriminals corrupting or encrypting valuable data and extorting money for its restoration now regularly cripple key financial services, oil pipelines and even hospitals.