It has been a busy couple of days for reports coming from security firm FireEye. Last week this publication covered the use of the FiveHands ransomware strain by a financially motivated group tracked as UNC2447. This week a new report published by the firm details an attack campaign carried out by y
A financially motivated threat actor has been seen exploiting a zero-day bug in SonicWall SMA 100 Series VPN appliances. This is done to gain initial access to enterprise networks so that the threat actors can deploy a newly discovered ransomware strain, known as FiveHands. So far victims include or
For those still clinging to the myth that Macs are inherently secure, 2021 is proving a difficult year to back up that argument. The advent of Silver Sparrow which raced to infect over 30,000 Macs and malware that targets Macs hiding in NPM packages are just two of several instances where Macs have
Built to replace Secure Sockets Layer (SSL), Transport Layer Security (TLS) is a series of cryptographic protocols designed to secure communications across networks. The protocol is used in email, instant messaging, and voice-over IP applications. That being said the protocol's security layer in HTT
In a recent report published by Advanced Intel, a threat intelligence firm, those behind recent Ryuk attacks have changed tactics. The change in tactics is used to gain initial access to targeted networks and according to Advanced Intel’s researchers, the new tactic involves exploiting hosts with pu
While headlines regarding Iran’s nuclear program and possible Israeli malware been used to cause failures at nuclear plants is this week's big cybersecurity news, other developments deserve attention. One such development is the discovery of a new piece of malware that targets Node.JS developers usi
The recent Exchange Server vulnerability and news that the flaws were being used to spread ransomware dominated many InfoSec headlines. However, Kaspersky’s recent discovery of the Cring ransomware strain using an old VPN vulnerability as the initial attack vector reminds us that ransomware operator
Since April 3, 2021, several reports emerged of a trove of data belonging to Facebook users that had been leaked online for free. The data included namely mobile phone numbers but also includes names, emails, gender information, occupations, as well as several location identifiers. The stolen data f
2020 was seen by many as a bumper year for DDoS attacks. The survey was conducted by the Neustar International Security Council (NISC) and showed that the majority of those surveyed, 22%, believed the biggest threat they faced was a DDoS attack. Further, the number of respondents that acknowledged t
Schools and Universities continue to be a favored target of ransomware operators. Previously, this publication covered how the US Federal Bureau of Investigation issued an alert warning the education sector that the operators of the Pysa ransomware, a variant of the Mespinoza, was actively being use