The U.S. Department of State announced last week that it is offering a $10,000,000 bounty for information on the identification or location of five highly ranked members of Wizard Spider, the Conti ransomware syndicate. Since the emergence of Conti in [...]
What is Tornado Cash? A virtual cryptocurrency mixer on the Ethereum blockchain, Tornado Cash was officially sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on August 8th, 2022. The platform works to facilitate [...]
As cyber attacks continue suppressing critical infrastructure sectors like water and wastewater systems, implementing proper cybersecurity practices is becoming more vital in protecting against highly disruptive cybersecurity incidents. According to the Environmental Protection Agency (EPA), these threats on process control [...]
Passwords protect our identity in the digital space, allowing for safe and secure interactions. Despite the strength and efficacy of any given sophisticated password, private data is at risk when credentials are compromised. To combat these online attacks, Microsoft is [...]
For a country that boasts economic and technical progression, the United States falls short on ransomware proficiency. Malware groups and the mitigation of cyber attacks run rampant. Many organizations, as well as individuals, do not report these attacks because they [...]
Over the Fourth of July weekend, prominent IT services provider SHI International, was a victim of a major malware attack. Based in Somerset, New Jersey, SHI is a private provider of tech services and a supplier of tech products to [...]
A version of AstraLocker, AstraLocker 2.0 ransomware, has just been released. This updated version is what some threat analysts call a rapid attack, or smash-and-grab style of ransomware. The AstraLocker 2.0 developers use Microsoft Word attachments in emails to distribute [...]
What is Enterprise Patch Management (a.k.a. the application of software security updates according to NIST SP 800-40r4)? The National Institute of Standards and Technology (NIST) just released Report 800-40r4: Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology. [...]
A new threat actor group is behind an infamous wave of attacks impacting companies like Microsoft, Nvidia, Okta, and most recently Globant, among others. LAPSUS$, tracked as DEV-0537 by Microsoft, is relatively less sophisticated than other hacking and extortion groups [...]
In the past few days since the Russia/Ukraine conflict, there have been some changes in the cybersecurity landscape. Below are some of my personal observations from our Ransomware Recovery business unit. I am curious if other incident response professionals, ransomware [...]
Skip to content
