In the past, the research conducted by Chainalysis has provided levels of insight into ransomware operations that were sorely lacking in the past. By following the “money”, largely in the form of the trail left by ransomware gangs who utilize cryptocurrencies as their main vehicle for conducting the
In a report published by ESET, titled “A wild Kobalos appears: Tricksy Linux malware goes after HPCs” details of a new malware strain which has been seen to target high-performance computing (HPC) clusters. Typically, HPC are collections of servers, referred to as nodes, connected to each other via
The year 2020 will be remembered for a lot of reasons, with the majority of those reasons been viewed with negative emotions. Another reason to be added to the “bad” pile was discovered by security firm Neustar, that being that Distributed Denial of Service (DDoS) attacks experienced somewhat of a b
In a new report by security firm Sophos, the gang behind the Nefilim ransomware, also called Nemty, are using stolen credentials belonging to deceased individuals to compromise networks. Nefilim is perhaps best known for their successful attack on appliance manufacturing giant Whirlpool towards the
Two separate warnings have been published warning that certain encryption protocols are obsolete and may place organizations at risk. Both the US National Security Agency (NSA) and the Dutch National Cyber Security Centre (NCSC) have warned that TLS 1.1 and, to some extent, TLS 1.2 may leave organiz
Researchers at CheckPoint have discovered a new botnet, called FreakOut, that exploits not one but three known software vulnerabilities to infect Linux systems. With TrickBot managing to create enough of a problem that big tech and law enforcement have moved to shut it down, with varying levels of s
The InfoSec community sees time and time again that a successful scam does not need cutting edge malware to succeed. Relatively lo-fi scams with regards to technology still are a massive problem for anyone using the Internet or an Internet-connected device. Sextortion scams are a case in point. Grou
In a recently published report by ESET, titled “Operation Spalax: Targeted malware attacks in Colombia” the details of a campaign targeting Columbian energy and metal firms were analyzed. The campaign began in 2020 and appears to still be ongoing. In summary, the attackers make use of relatively eas
The first week of 2021 is almost up and it has already seen its fair share of news. In the InfoSec community, we have already seen the fallout of the SolarWinds hack and credit card details being leaked online for free. 2020’s most prevalent and destructive threat, ransomware, surely would not the n
Initially when we covered the SolarWinds supply chain hack in mid-December fingers were already pointing at Russian nation-state threat actors as being the likely responsible party. Given the scale and sophistication of the attack, there would only be a few well-resourced groups across the globe tha