While classified as a new strain of ransomware BlackMatter is strongly believed to be a rebranding of the DarkSide ransomware operation infamous for the Colonial Pipeline Incident that drew far too much attention to the gang. BlackMatter is more than a rebranding and does boast some unique features,
As info stealers go Racoon Stealer has to be one of the more prolific malware strains of its type in recent memory. This is due in part to the malware being offered as a service, similar to how ransomware-as-a-service or other malware-as-a-service business models have been adopted recently. This mod
On July 9, 2021, the railway service used by Iranians for their daily transport needs suffered a cyber attack. New research published by Sentinel One reveals that the chaos caused during the attack was a result of a previously undiscovered form of wiper malware, called Meteor. The attack resulted i
According to a recently published report by the Sygnia Incident Response team, internet-facing Windows servers are being targeted by an advanced persistent threat group called Praying Mantis, or less glamorously TG1021. What makes their attack campaigns noteworthy is that they are almost exclusively
Researchers at Bitdefender have discovered a new password-stealing malware that targets Windows users. The malware is delivered via ads that appear in the user's search results. This is not the first time we have seen this distribution method being used this year. At the beginning of June security f
Much of the world's attention regarding cybersecurity matters has been firmly affixed to the NSO saga resulting from the Pegasus Project. While Spyware has been abused by governments dominated headlines, the US Government and its allies placed responsibility for the Exchange Server hacks that occurr
Following the Washington Post’s expose regarding the spyware created by an Israeli firm, NSO, which had been used by the firm's clients in a questionable way, the political fallout is just beginning. Spyware can be defined as malware designed to track user activity on a device, not only can activity
On the evening of Monday, July 13, 2021, various news outlets began reporting that websites and infrastructure were used by ransomware operators behind the Sodinokibi strain had been taken offline. This resulted in several theories being proposed as to why. Was it a result of legal action? Was it in
Half of 2021 has already blown past and yet again ransomware has dominated infosec headlines. Petroleum distributor Colonial Pipeline, meat supplier JBS, and IT service provider Kaseya have all been in headlines not for stellar business performance but because they have been victims of crippling ran
Just as some were, rather hopefully, predicting that ransomware had peaked given the increased response by the US and other governments to both the Colonial Pipeline and JBS incidents. Ransomware operators behind Sodinokibi, who have also been blamed for the JBS incident, seem not to have received t