U.S. Department of State’s $10M Bounty on Conti Ransomware

The U.S. Department of State announced last week that it is offering a $10,000,000 bounty for information on the identification or location of five highly ranked members of Wizard Spider, the Conti ransomware syndicate. Since the emergence of Conti in [...]

U.S. Department of State’s $10M Bounty on Conti Ransomware2022-09-09T20:47:31-07:00

OFAC Sanctions Cryptocurrency Mixer Tornado Cash

What is Tornado Cash? A virtual cryptocurrency mixer on the Ethereum blockchain, Tornado Cash was officially sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on August 8th, 2022. The platform works to facilitate [...]

OFAC Sanctions Cryptocurrency Mixer Tornado Cash2022-09-09T18:43:16-07:00

The EPA Adds Cybersecurity Rules for Water Sector

As cyber attacks continue suppressing critical infrastructure sectors like water and wastewater systems, implementing proper cybersecurity practices is becoming more vital in protecting against highly disruptive cybersecurity incidents. According to the Environmental Protection Agency (EPA), these threats on process control [...]

The EPA Adds Cybersecurity Rules for Water Sector2022-09-02T17:48:19-07:00

Lack of Ransomware Reporting a Major Issue in Cybercrime Defense

For a country that boasts economic and technical progression, the United States falls short on ransomware proficiency. Malware groups and the mitigation of cyber attacks run rampant. Many organizations, as well as individuals, do not report these attacks because they [...]

Lack of Ransomware Reporting a Major Issue in Cybercrime Defense2022-08-08T22:45:03-07:00

SHI International Cyberattack

Over the Fourth of July weekend, prominent IT services provider SHI International, was a victim of a major malware attack. Based in Somerset, New Jersey, SHI is a private provider of tech services and a supplier of tech products to [...]

SHI International Cyberattack2022-07-21T20:08:04-07:00

AstraLocker 2.0 Ransomware is a Smash & Grab Variant

A version of AstraLocker, AstraLocker 2.0 ransomware, has just been released. This updated version is what some threat analysts call a rapid attack, or smash-and-grab style of ransomware. The AstraLocker 2.0 developers use Microsoft Word attachments in emails to distribute [...]

AstraLocker 2.0 Ransomware is a Smash & Grab Variant2022-07-01T17:33:08-07:00

LAPSUS$: The New Extortion Group Causing a Scene

A new threat actor group is behind an infamous wave of attacks impacting companies like Microsoft, Nvidia, Okta, and most recently Globant, among others. LAPSUS$, tracked as DEV-0537 by Microsoft, is relatively less sophisticated than other hacking and extortion groups [...]

LAPSUS$: The New Extortion Group Causing a Scene2022-04-08T17:40:39-07:00

Cybersecurity Transformations Since the Russia/Ukraine Conflict

In the past few days since the Russia/Ukraine conflict, there have been some changes in the cybersecurity landscape. Below are some of my personal observations from our Ransomware Recovery business unit. I am curious if other incident response professionals, ransomware [...]

Cybersecurity Transformations Since the Russia/Ukraine Conflict2022-03-04T12:27:57-08:00

Ransomware Attack: Should I Contact the FBI and Law Enforcement?

If your company was hit with ransomware, you might be wondering if you should contact the FBI after a ransomware attack, or other law enforcement. The quick answer is mostly yes, but with important caveats to consider. Because of the [...]

Ransomware Attack: Should I Contact the FBI and Law Enforcement?2022-02-27T23:49:27-08:00

Cyber Safety Tips for the Holidays

With the holiday season now in full swing, we wanted to share some helpful cyber safety tips and guidance when it comes to your cybersecurity strategies (or lack thereof). The Cybersecurity and Infrastructure Security Agency, as well as the FBI, [...]

Cyber Safety Tips for the Holidays2022-02-27T23:55:26-08:00