Author: Admin

Over the past week we have seen a considerable body of work focusing on DarkSide, the ransomware responsible for the recent gas pipeline shutdown. Many of the excellent technical write-ups will detail how it operates an affiliate model that supports others to be involved within the ransomware business model (in addition to the developers). While this may not be a new phenomenon, this model is actively deployed by many groups with great effect. Herein is…

Microsoft is warning the aerospace and travel sectors of a new targeted attack campaign aimed at stealing sensitive information from affected companies. The tech giant said it had been tracking the “dynamic campaign” for several months via a series of spear-phishing emails designed to deliver an “actively developed loader.” The screenshot posted to Microsoft Security Intelligence Twitter feed was of a phishing email spoofing a legitimate organization and requesting a quote for a cargo charter….

An increase in work-related stress and a lack of paid leave opportunities during COVID-19 have raised concerns that some IT and security executives may be self-medicating to cope with the extra pressure. Security vendor OneLogin polled 250 tech leaders across the globe to compile its IAMokay Mental Health Survey. It found that over three-quarters (77%) believe the pandemic has increased workplace stress while 86% also reported an increase in workload. A quarter (25%) reported that they…

Ransomware surged 102% year-on-year at the start of 2021 as it emerged that Colonial Pipeline agreed to pay $5 million to extorters after a crippling attack that began last week. The East Coast fuel pipeline was offline for five days after an attack struck last Thursday. However, contrary to initial reports that it refused to engage with the DarkSide threat group, the company actually paid within hours of the attack, two people familiar with the…

The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations worldwide in multiple industries, including government, finance, energy, manufacturing, and healthcare. The alert published by the ACSC provides a list of countries under attack which includes the US, UK, Germany, France, China, Italy Brazil,…

The current model for cybersecurity is broken. It consists of acquiring and deploying a lot of stand-alone tools, each with its own console, to analyze logs or traffic and detect anomalies that could be threats. In this model, it’s up to each security analyst to communicate with other analysts to determine whether each tool’s individual detection (each of which, by itself, may look benign), can correlate with other detections from other tools to reveal a…