Shortly after this publication posted an article detailing the JBS Incident the FBI issued a statement officially attributing the attack to the now infamous Sodinokibi ransomware gang. Sodinokibi is also tracked by several security firms as REvil. Since the release of the statement at least two high
On May 30, 2021, JBS, which is based in Brazil and has meat processing plants in the US, notified the US Government that it had suffered a ransomware attack. JBS is the second-largest meat producer in the US with shutdowns likely to have a major impact on US meat supply, just in time for when the co
Attacks on Industrial Control Systems (ICS) and other forms of Operational Technology (OT) are nothing new. It was assumed that the majority of these attacks need to be conducted by highly skilled attackers with a fair amount of experience. This assumption was based primarily on the reasoning that a
The Colonial Pipeline Incident rocked the InfoSec community and much of the eastern seaboard of the US. The ramifications of the event are likely to mold the US’s strategy in combating cybercrime and ransomware for the foreseeable future. While that incident was unfolding and still being covered by
The ransomware gang behind the DarkSide who attacked the Colonial Pipeline has only been operational for approximately nine months. Due to the incident, they are best known for, they have reached a level of notoriety cybercriminals tend to want to avoid. This has prompted some to research how much m
The Colonial Pipeline incident has dominated cybersecurity, economic, and political headlines for a large portion of this week's news cycle. It may even be a watershed moment in the ransomware timeline, a step too far if you will. Impacting one company for a period may be frustrating to consumers an
Ransomware is again making headlines and for all the wrong reasons. Last week this publication covered how using pirated software can leave an organization vulnerable to a ransomware attack. The incident showed how ransomware operators look to exploit poor network and security controls and how the g
Long have the dangers of pirated software be shouted from the mountaintops by security researchers. Despite being illegal, the user has no idea what they are downloading. In many cases what they believe is a software package, movie, or TV show is laden with malicious payloads. Some of those payloads
It has been a busy couple of days for reports coming from security firm FireEye. Last week this publication covered the use of the FiveHands ransomware strain by a financially motivated group tracked as UNC2447. This week a new report published by the firm details an attack campaign carried out by y
A financially motivated threat actor has been seen exploiting a zero-day bug in SonicWall SMA 100 Series VPN appliances. This is done to gain initial access to enterprise networks so that the threat actors can deploy a newly discovered ransomware strain, known as FiveHands. So far victims include or