The 2024 Annual Guarding Report: Navigating the Changing Weather

Workplace violence, civil and political unrest, property crimes, and weather-related challenges are all on the plate of guarding companies and their clients, who must respond with the right training, equipment and technology, and hiring and retention initiatives to ensure they keep people and assets safe and secure. The Archer-Daniels-Midland Company (ADM), which mostly uses GardaWorld Security in North America but a variety of other companies around the world, has experienced an increased need for guards…

Number of Active Ransomware Groups Highest on Record

This year has seen the highest number of active ransomware groups on record, with 58 attacking global businesses in the second quarter. Threat intelligence platform provider Cyberint has reported only a slight dip in the third quarter, with 57 active groups. Furthermore, in Q3, the top 10 ransomware groups were responsible for only 58.3% of all detected attacks. This reflects both the increase in the number of active groups in general and a decline in…

Podcast bait, malware switch.

Joshua Miller from Proofpoint is discussing their work on “Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset.” Proofpoint identified Iranian threat actor TA453 targeting a prominent Jewish figure with a fake podcast interview invitation, using a benign email to build trust before sending a malicious link. The attack attempted to deliver new malware called BlackSmith, containing a PowerShell trojan dubbed AnvilEcho, designed for intelligence gathering and exfiltration….

RansomHub threat actors observed using EDR-killing tool

Threat research from Sophos details a recent encounter with the ransomware group known as RansomHub. The research reports that the attack was unsuccessful; however, researchers were able to analyze the attack and discovered the use of an EDR-killing tool. The research has labelled this utility the EDRKillShifter.  John Bambenek, President at Bambenek Consulting, comments, “At present, only RansomHub is using the tool. However, as it was sold on the dark web, it is more than likely that…

Olympic scammers go for gold.

This week, we are joined by Selena Larson, Staff Threat Researcher, Lead Intelligence Analysis and Strategy at Proofpoint, as well as host of the “Only Malware in the Building” podcast, as she is discussing their research on “Scammers Create Fraudulent Olympics Ticketing Websites.” Proofpoint recently identified a fraudulent website selling fake tickets to the Paris 2024 Summer Olympics and quickly suspended the domain. This site was among many identified by the French Gendarmerie Nationale and…

AI arms race: Cybersecurity defenders in the age of evolving threats

As web application cyberattacks surge, defenders are on the frontline of an ever-evolving battlefield. With adversaries leveraging artificial intelligence (AI) to sharpen their assaults, defenders face unprecedented challenges. However, AI isn’t just empowering attackers — it’s also emerging as a crucial ally for defenders. Organizations can use AI’s capabilities and implement strong security training to identify and neutralize threats.  Rest assured, the rise in web application attacks signifies a persistent shift rather than a passing…

Email obfuscation tactics elude security protections

Cyber attackers have used email obfuscation techniques for decades to conceal malicious code or data within a file, script or network traffic. There are many email obfuscation methods, such as putting addresses into images, captchas or texts that bots cannot read. Such traditional email obfuscation tactics are well known, and security controls have historically been good at patching and stopping them. But recently our threat researchers have uncovered some newly evolving techniques that are designed…

Women face nearly twice as much exclusion in cybersecurity than men

A report by Women in CyberSecurity (WiCyS) reveals key findings on the current state of inclusion in cybersecurity. By conducting a survey of 1,000 employees (65% women and 35% men) the report found notable gender disparities in the cybersecurity industry.  In the report, surveyed women noted the top four categories in which they experience exclusion: respect, career and growth, access and participation and recognition. When compared to their male counterparts, women reported 350% more exclusion…

The art of information gathering.

Greg Lesnewich, senior threat researcher at Proofpoint, sits down to discuss “From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering.” Since 2023, TA427 has directly solicited foreign policy experts for their opinions on nuclear disarmament, US-ROK policies, and sanction topics via benign conversation starting emails.  The research states “While our researchers have consistently observed TA427 rely on social engineering tactics and regularly rotating its email infrastructure, in December 2023 the threat actor began to abuse…

The return of a malware menace.

This week we are joined by Selena Larson from Proofpoint, who is discussing their research, “Bumblebee Buzzes Back in Black.” Bumblebee is a sophisticated downloader used by multiple cybercriminal threat actors and was a favored payload from its first appearance in March 2022 through October 2023 before disappearing. After a four-month hiatus, Proofpoint researchers found that the downloader returned. Its return aligns with a surge of cybercriminal threat activity after a notable absence of…
