For any scholar of cybersecurity trends, ransomware provides a unique study. The threat has seen several key evolutions since it first emerged in 2010. The latest evolution seen and documented by two separate security firms involves how ransomware operators are using virtual machines (VMs) to hide a
Hackers are ever increasingly looking to abuse developers and their tools to conduct attack campaigns. Recently this trend has involved hackers uploading malicious packages to popular repositories. In April 2021, it was found that hackers had uploaded malicious code that installed the Mac Shlayer.
For the past several months' hackers have not been friendly to businesses in the gaming industry. CD Projekt Red, Ubisoft, and Crytek have all suffered ransomware incidents. Now it has emerged that EA has suffered a data breach, in which it is believed several games have had their source code stolen
According to a new article published by security firm Morphisec, threat actors are using paid-for Google ads to help distribute several pieces of info stealing malware. This is done by the threat actors abusing the Pay Per Click (PPC) functionality of Google AdWords in such a way that the ads paid f
Shortly after this publication posted an article detailing the JBS Incident the FBI issued a statement officially attributing the attack to the now infamous Sodinokibi ransomware gang. Sodinokibi is also tracked by several security firms as REvil. Since the release of the statement at least two high
On May 30, 2021, JBS, which is based in Brazil and has meat processing plants in the US, notified the US Government that it had suffered a ransomware attack. JBS is the second-largest meat producer in the US with shutdowns likely to have a major impact on US meat supply, just in time for when the co
Attacks on Industrial Control Systems (ICS) and other forms of Operational Technology (OT) are nothing new. It was assumed that the majority of these attacks need to be conducted by highly skilled attackers with a fair amount of experience. This assumption was based primarily on the reasoning that a
The Colonial Pipeline Incident rocked the InfoSec community and much of the eastern seaboard of the US. The ramifications of the event are likely to mold the US’s strategy in combating cybercrime and ransomware for the foreseeable future. While that incident was unfolding and still being covered by
The ransomware gang behind the DarkSide who attacked the Colonial Pipeline has only been operational for approximately nine months. Due to the incident, they are best known for, they have reached a level of notoriety cybercriminals tend to want to avoid. This has prompted some to research how much m
The Colonial Pipeline incident has dominated cybersecurity, economic, and political headlines for a large portion of this week's news cycle. It may even be a watershed moment in the ransomware timeline, a step too far if you will. Impacting one company for a period may be frustrating to consumers an