In a recently published report by ESET, titled “Operation Spalax: Targeted malware attacks in Colombia” the details of a campaign targeting Columbian energy and metal firms were analyzed. The campaign began in 2020 and appears to still be ongoing. In summary, the attackers make use of relatively eas
The first week of 2021 is almost up and it has already seen its fair share of news. In the InfoSec community, we have already seen the fallout of the SolarWinds hack and credit card details being leaked online for free. 2020’s most prevalent and destructive threat, ransomware, surely would not the n
Initially when we covered the SolarWinds supply chain hack in mid-December fingers were already pointing at Russian nation-state threat actors as being the likely responsible party. Given the scale and sophistication of the attack, there would only be a few well-resourced groups across the globe tha
It is foreseeable that the SolarWinds hack will dominate headlines sometime. As more information emerges, headlines will follow. One trap that the public should not fall into is to assume other hackers take a break while the limelight is not on them. Ransomware gangs are a case in point, they will s
In recent memory, a collaboration between Windows and several other security firms attempted to take out TrickBots infrastructure. Cooler heads warned that this was not the end of TrickBot, and those behind would be back. This was proved to be true but the attempt to take down TrickBot’s infrastruct
The recent SolarWinds supply chain attack has dominated InfoSec headlines. The sheer scale of the attack warrants the coverage with even major media outlets dedicating time and space to cover the story. While the publics' attention is diverted elsewhere, hackers don’t seem to take too many breaks. E
This week’s cybersecurity news has been dominated by one event, the SolarWinds supply chain attack. On Sunday, the Washington Post published an article detailing who is possibly behind the attack. The sentiment was echoed in a New York Times article published on the same day. While the finger-pointi
Recently, this publication reported on how APT28, the infamous Russian nation-state threat actor, changed tactics to target the Norwegian parliament and recent US elections. Rather than the favored method of using spear phishing to initially compromise victims and steal credentials, the group employ
According to the Norwegian police secret service (PST), APT28 is also known as Fancy Bear was behind a recent cyberattack on the Norwegian Parliament. The attack happened in August 2020 with hackers gaining access to the Parliament's email system and accessed inboxes for Stortinget (Parliament) empl
The botnet called TrickBot and its operators has been a pain in the side of cybersecurity experts for years now. In October, Microsoft announced that the tech giant had partnered with several security firms and internet service providers that it had attempted to cripple TrickBot’s infrastructure. It