Resources

Blog

Ransomware Gang Donated Part of Ransom Demands to Charities

A budding ransomware group donated part of the ransom demands that it had previously extorted from its victims to two charities. On October 13, the Darkside ransomware group announced the donations in a blog post on its dark web portal. As quoted by ZDNet: As we said in the first press release - we are targeting only large profitable corporations....
Blog

A Closer Look at the Attempted Ransomware Attack on Tesla

Cybersecurity is in the news again with the disclosure that Tesla, working in conjunction with the FBI, prevented a ransomware attack from being launched at its Gigafactory in Nevada. The cybercriminals targeted Tesla through one of its employees, whom they allegedly promised to pay $1 million in order to help them infect the company’s system with...
Blog

IoT Devices: Privacy and Security in Abusive Relationships

A few weeks, ago, technology news site The Verge reported on a new Ring security camera that is in fact a drone that flies around inside your house. Available beginning next year, the ‘Always Home Cam’ is supposed to give its owners a total view of their home without the need for multiple cameras. Those worried about break-ins or other kinds of...
Blog

3 Zones that Require Network Security for Industrial Remote Access

By now, we have a good understanding of what secure remote access (SRA) is and why organizations might choose to enable it for their OT environments. We also know that securing IT-OT collaboration, leveraging guidance from best practice frameworks and using an automated solution can help organizations to implement this type of access. Even so, we...
Blog

Silent Librarian APT Targeting Universities with Spear Phishing Attacks

Security researchers discovered that an APT group known as "Silent Librarian" is actively targeting universities with spear phishing attacks. Malwarebytes learned in mid-September that Silent Librarian, also known as "TA407" and "COBALT DICKENS," had launched a new attack campaign. In its analysis of the operation, the security firm found that the...
Blog

UAE’s Information Assurance Regulation – How to Achieve Compliance

For years, the United Arab Emirates (UAE) has committed itself to adopting information technology (IT) and electronic communication. The UAE’s Telecommunications Regulatory Authority (TRA) noted that this policy has made the state’s government agencies and organizations more efficient as well as has improved the ability for individuals to collaborate...
Blog

JavaScript Used by Phishing Page to Steal Magento Credentials

Digital attackers created a Magento phishing page that used JavaScript to exfiltrate the login credentials of its victims. Sucuri came across a compromised website using the filename "wp-order.php" during an investigation. This phishing page hosted what appeared to be a legitimate Magento 1.x login portal at the time of discovery. In support of this...
Blog

SonicWall VPN Portal Critical Flaw (CVE-2020-5135)

Vulnerability Description Tripwire VERT has identified a stack-based buffer overflow in SonicWall Network Security Appliance (NSA). The flaw can be triggered by an unauthenticated HTTP request involving a custom protocol handler. The vulnerability exists within the HTTP/HTTPS service used for product management as well as SSL VPN remote access. ...
Blog

Lessons From Teaching Cybersecurity: Week 3

As I had mentioned previously, this year, I’m going back to school. Not to take classes but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...
Blog

VERT Threat Alert: October 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s October 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-909 on Wednesday, October 14th. In-The-Wild & Disclosed CVEs (October 2020 Patch Tuesday Analysis) CVE-2020-16938 This CVE describes an information disclosure in the Windows kernel that...
Blog

Fake Windows Defender Antivirus Theme Used to Spread QBot

Digital attackers incorporated a fake Windows Defender Antivirus theme into a malicious document in order to distribute QBot malware. According to Bleeping Computer, the QBot gang began using a new template for their email attack campaigns' malicious documents beginning on August 25, 2020. The template adopted the disguise of a Windows Defender...
Blog

How Cybersecurity Leaders Can Understand the Value of Their Organization’s Security Solutions

“Gartner projections show the growth in cybersecurity spending is slowing. Cybersecurity grew at 12% (CAGR) in 2018, and it is projected to decline to only 7% (CAGR) by 2023. Gartner clients are also reporting that after years of quarterly reporting on cybersecurity to their boards, that boards are now pushing back and asking for improved data and...
Blog

Deepfake Voice Technology Iterates on Old Phishing Strategies

As the world of AI and deepfake technology grows more complex, the risk that deepfakes pose to firms and individuals grows increasingly potent. This growing sophistication of the latest software and algorithms has allowed malicious hackers, scammers and cyber criminals who work tirelessly behind the scenes to stay one step ahead of the authorities,...
Blog

Android Locker Variant Uses Innovative Sequence to Load Ransom Note

A new variant of a sophisticated Android locker family used an innovative sequence to load its ransom note on infected devices. On October 8, Microsoft Defender Research Team revealed that it had spotted a new Android locker variant using novel techniques to display its ransom note to its victims. This threat specifically targeted two components on...
Blog

New 'MontysThree' Toolset Used in Targeted Industrial Espionage Attacks

Researchers uncovered a new toolset they've dubbed "MontysThree" that has played a role in targeted industrial espionage attacks stretching back to 2018. In the summer of 2020, Kaspersky Lab discovered that an unknown actor had been using a modular C++ toolset called "MT3" to conduct targeted industrial espionage campaigns for years. The security firm...