According to a recently published report by the Sygnia Incident Response team, internet-facing Windows servers are being targeted by an advanced persistent threat group called Praying Mantis, or less glamorously TG1021. What makes their attack campaigns noteworthy is that they are almost exclusively
Researchers at Bitdefender have discovered a new password-stealing malware that targets Windows users. The malware is delivered via ads that appear in the user's search results. This is not the first time we have seen this distribution method being used this year. At the beginning of June security f
Much of the world's attention regarding cybersecurity matters has been firmly affixed to the NSO saga resulting from the Pegasus Project. While Spyware has been abused by governments dominated headlines, the US Government and its allies placed responsibility for the Exchange Server hacks that occurr
Following the Washington Post’s expose regarding the spyware created by an Israeli firm, NSO, which had been used by the firm's clients in a questionable way, the political fallout is just beginning. Spyware can be defined as malware designed to track user activity on a device, not only can activity
On the evening of Monday, July 13, 2021, various news outlets began reporting that websites and infrastructure were used by ransomware operators behind the Sodinokibi strain had been taken offline. This resulted in several theories being proposed as to why. Was it a result of legal action? Was it in
Half of 2021 has already blown past and yet again ransomware has dominated infosec headlines. Petroleum distributor Colonial Pipeline, meat supplier JBS, and IT service provider Kaseya have all been in headlines not for stellar business performance but because they have been victims of crippling ran
Just as some were, rather hopefully, predicting that ransomware had peaked given the increased response by the US and other governments to both the Colonial Pipeline and JBS incidents. Ransomware operators behind Sodinokibi, who have also been blamed for the JBS incident, seem not to have received t
The good work done by No More Ransom may be difficult to quantify but it is safe to say that their work releasing free decryptors to be used by victims of ransomware has possibly saved millions of dollars’ worth in damages and ransom payments funding criminal activity. Now with the help of security
It is almost daily that ransomware makes headlines in some form or another. Many of the headlines and subsequent articles cover the latest large corporations to fall victim to a ransomware attack. Recent high-profile attacks, including the Colonial Pipeline Incident and subsequent responses by gove
For any scholar of cybersecurity trends, ransomware provides a unique study. The threat has seen several key evolutions since it first emerged in 2010. The latest evolution seen and documented by two separate security firms involves how ransomware operators are using virtual machines (VMs) to hide a