Author: Admin

Asset management is a tricky subject. In many cases, organizations have no idea about how many assets they have, let alone where they are all located.  Fortunately, there are tools that can assist with reaching your asset management goals. While Tripwire Enterprise (TE) is great for detecting unauthorized changes on your system and also for ensuring your systems are hardened (as well as stay hardened), you must first get a handle on managing the assets that you’re…

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. Microsoft recently published a report that states, titled “March 2021 Security Signals report,” that revealed that more than 80% of enterprises were victims of at least one firmware attack in the past two years. The study pointed out that only 29% of the targeted organizations have allocated budgets to protect firmware. A vast majority of companies in a global…

Cyber-criminals behind a cyber-attack on a Florida school district are demanding a ransom payment of $40m in cryptocurrency.  The computer system of Broward County Public Schools was compromised at the beginning of March by data-locking ransomware in a Conti gang operation. The attack caused a system shutdown but left classes undisturbed.  Broward is the sixth-largest school district in the United States with 271,000 students and an annual budget of around $4bn.  The district, which is based in Fort…

European drone manufacturer Parrot has partnered with crowdsourced security platform YesWeHack to launch a Bug Bounty program. By setting up the two-phase program, Parrot hopes that potential vulnerabilities in its drones, mobile applications, and web services will be identified by YesWeHack’s community of more than 22,000 cybersecurity researchers. “After the integration of cybersecurity from the initial design phase of Parrot drones, the Bug Bounty launched with YesWeHack completes the audits and brings an additional step of control,” said Victor Vuillard,…

Executive Summary  Cuba ransomware is an older ransomware, that has recently undergone some development. The actors have incorporated the leaking of victim data to increase its impact and revenue, much like we have seen recently with other major ransomware campaigns.  In our analysis, we observed that the attackers had access to the network before the infection and were able to collect specific information in order to orchestrate the attack and have the greatest impact. The attackers operate using a set of PowerShell scripts that…

Cuba Ransomware Overview Over the past year, we have seen ransomware attackers change the way they have responded to organizations that have either chosen to not pay the ransom or have recovered their data via some other means. At the end of the day, fighting ransomware has resulted in the bad actors’ loss of revenue. Being the creative bunch they are, they have resorted to data dissemination if the ransom is not paid. This means…