Threat analysts from Google warn of a current malicious campaign aimed at vulnerability researchers and Red Team members. Reportedly, a North Korean nation-backed actor stands behind this operation, leveraging novel social engineering methods to approach individual security practitioners via bogus social media profiles. Attack Against Security Researchers The campaign overview from the Google Threat Analysis […]
Adversaries apply a malicious Golden SAML method to expand a scale of compromise related to the SolarWinds hack. Although security researchers initially considered that the SolarWinds Orion software was a single access vector, further investigation reveals that the Golden SAML technique allows achieving persistence on any instance within a targeted cloud environment that maintains SAML […]
The banking sector has always been an attractive target for cyber-criminals. After Zeus and Gozi emerged in 2007, prominent banking Trojans regularly made the headlines by emptying accounts of customers. Recently, security researchers have spotted yet another member of the financial malware family. This time the campaign is aimed at the US and Canadian banking […]
Delaware, USA – June 18, 2019 – One of the leaders of airplane parts manufacturing was informed to have shut down operations at its plants because of a large-scale ransomware attack. Asco Industries who is the leader in the design and manufacture of major functional components for Boeing and Airbus commercial passenger jets, Airbus A400M […]
Delaware, USA – April 9, 2019 – The largest optical products manufacturer Hoya Corporation suffered a cyber attack that infected more than 100 computers compromising users’ credentials and tried to take root for cryptocurrency mining, The Japan Times informs. The network controlling server was brought down on March 1 and the orders processing and production […]
Delaware, USA – April 8, 2019 – Another local infrastructure was hit by massive ransomware attack. Disruption of routine operations requiring a computer and inability to process payments is only the top of the iceberg of all the issues that Genesee County, Michigan faced trying to restore after the Packman ransomware attack, the abc12 informs. […]
Delaware, USA – April 5, 2019 – German chemical giant Bayer stood a cyber attack that was meant to steal the company’s sensitive data, Reuters informed. The malware that was further identified as typical of the Chinese Winnti group had infiltrated the system early last year and was closely monitored by Bayer’s Cyber Defence Center […]
About a week ago we got this info from one of our partners “We are seeing phishing emails flying in our environment (Internal to Internal)” along with sharing an email sample with us. Today we’re going to analyze the recent phishing attacks targeted at Fortune 500 and Global 2000 companies dubbed “Stealthphish” aimed at compromising […]
It’s been a hot summer for security industry: in less than a week since the initially suspected ransomware Petya.A has turned out to be much more than meets the eye. Security researchers around the world have rightfully dubbed it NotPetya and EternalPetya, as the malware was never meant to ask for ransom – it was […]
Good news everyone! After a rather long day, night and morning of studying the news, researching and hunting the #WannaCry ransomwareworm there are some discoveries to be shared.. This includes Host and Network IOCs, their analysis obtained with help of fellow security researchers and practitioners, review of C2 infrastructure and its interactions with Tor. Last but not least are some free SIEM use cases that […]