Sodinokibi and a handful of other ransomware variants are currently dominating discussions regarding ransomware. Continual updates; changes in tactics and infection vectors; and improved targeting tactics placing corporations and government organizations within their crosshairs, have all made Sodino
With tensions near the boiling point between Iran and the US, news feeds across the globe have been dominated by headlines. The InfoSec community was also stirring with opinion pieces relating to Iran capabilities in carrying out cyberattacks. However, Iranian state-sponsored hackers are now in the
In a recent blog article published by the Microsoft Defender, ATP Research Team reveals some interesting numbers regarding RDP brute-force attacks. The key findings of the research team include that brute-force attacks on RDP ports last an average of two to three days and only approximately 0.08% of
The US Coast Guard announced that it had suffered a ransomware infection which resulted in the shutdown of a maritime facility for more than 30 hours. The security bulletin, published just before Christmas, also stated that the ransomware was Ryuk. The bulletin, however, makes no mention of the name
On December 23, Russian news agencies began reporting that the government had concluded a series of tests designed to disconnect Russia from the Internet. The tests involved Russian government agencies, local internet service providers, and local Russian internet companies with the main aim of the t
In a recent report security researchers have found evidence showing that a Chinese state-sponsored hacking group, APT20, has been able to bypass two-factor authentication (2FA) in a recent campaign. Advanced persistent threat (APT) groups are typically defined as groups, more often than not state-sp
What could be worse than being infected by one piece of malware? The answer is painfully obvious, in that more than one infection is worse. What started as a lame joke may be a reality for organizations infected with Legion Loader. In a recent campaign discovered by researchers, a threat actor is at
Payment processing giant Visa warns that North American fuel pumps are currently being targeted by cybercrime syndicates looking to install Point of Sale (PoS) malware across their networks. PoS malware is typically seen as malware designed to steal credit card information from the point of sale dev
Phishing, namely the fraudulent attempt to gain an individual's personal information or credit card information via the use of emails and fake websites, continues to be a favored tactic employed by hackers to part users with money and information that can be used for identity theft. In a recent blog
New and novel ways to further a malware main objectives do not happen too often. Hackers prefer to use tried and tested means to distribute and deploy malware. Even the development of new malware is generally done by veteran groups of hackers with a certain skillset. When a new trick is seen interes