Security researchers observed some variants of the TrickBot malware family mistakenly warning victims that they had suffered an infection. Advanced Intel's Vitali Kremez traced the mistake to "password-stealing grabber.dll." This module is responsible for stealing browser credentials and cookies from Google Chrome, Microsoft Edge and other web...

Virtual Private Networks, or VPNs, are not exactly a new technology. When I started my career in IT about 15 years ago, VPN tunnels were the standard way we connected remote offices by extending private networks over the public Internet. Recently, as workforces continue to decentralize due to the rise of Cloud Computing as well as the current...

Security researchers found evidence that the Conti ransomware strain could be a possible successor to the Ryuk crypto-malware family. Vitali Kremez, strategic advisor for SentinelLabs, analyzed both Conti and Ryuk. He found that the former appeared to be based on the code of the latter's second version. He also observed Conti to be using the same...

Things just got serious. Business Email Compromise is no longer solely the province of chancers and opportunistic Nigerian actors such as the Yahoo Boys. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it. Security researchers at Agari have published a report detailing their investigations into a...

Security researchers detected a new variant of the Joker spyware family that had infiltrated Google Play and had begun abusing an old trick to target users. Check Point Research found that the authors of Joker, a dropper and premium dialer spyware, had once again modified their creation's code so that the malware would bypass the Play Store's...

The highly anticipated structural update to the MITRE ATT&CK framework was released July 8th, 2020. After a quiet first half of the year, it appears the ATT&CK team has been putting in lots of work into some significant redesign of the framework’s structure. This update introduces a new layer of abstraction: sub-techniques. ATT&CK is a taxonomy of...

I’ve worked in the IT field for over 30 years. 20 of those years have been spent in the network security field, employed by some of the largest names in the industry. But to my family, I’m still just the guy who “works with computers”. Many of my family are not computer savvy, which is a nice way of saying I had to teach them where the power button...

Renewable energy company EDP Renewables notified its landowners of a ransomware attack that it suffered in the spring of 2020. In a sample notification letter received by the Attorney General's Office of Vermont, EDP Renewables informed its landowners that its information systems had suffered a...

Ransomware has been around for decades going back all the way to 1989. Since then it has only magnified in scope and complexity. Now at a time when working remotely is becoming more universal and the world is trying to overcome the Covid-19 pandemic, ransomware has never been more prominent. Ransomware is a type of malware that prevents users from...

A Nigerian national entered into the custody of the FBI to face charges of having targeted several U.S. companies with business email compromise (BEC) scams. On July 3, the U.S. Attorney's Office for the Northern District of Illinois announced that the United Arab Emirates had expelled Olalekan Jacob...

If the global cybercrime forecast took the form of a weather report, it might go something like this: The extended outlook calls for continued online lawlessness, scattered malware attacks and an ongoing blizzard of data breaches. After all, with experts predicting that the cybercrime epidemic will cost the world $6 trillion annually by 2021 as the...

In 2020, car manufacturer Honda fell victim to a ransomware attack. Using a payload called “update.exe,” the attack crippled Honda’s international customer service and Financial Services wing for days. Although it affected two customer facing branches of this global corporation, the ransomware was designed to target and breach Honda’s critical ICS...

The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations due to factors such as aging equipment, poor design or implementation, skills gaps and a lack of visibility. These shortcomings are exacerbated by the mean time to breach detection, which continues to hover above...

What is the Windows Store? The Windows Store is a digital platform that allows for the distribution of applications. This platform offers both free and paid. Users use the Window Store to install applications that are of interest to them. Can you disable the Windows Store? Windows Store can be disabled via group policy to prevent users from...

Hackers are once again finding unsecured MongoDB databases carelessly left exposed on the internet, wiping their contents, and leaving a ransom note demanding a cryptocurrency payment for the data's safe return. As ZDNet reports, ransom notes have been left on almost 23,000 MongoDB databases that were let unprotected on the public internet without a...

Security researchers spotted Trickbot malware checking the screen resolution as a means of evading analysis on a virtual machine (VM). Digital security firm MalwareLab came across a sample of the trojan that checked to see whether a computer's screen resolution was either 800x600 or 1024x768. It then terminated if it found that the screen resolution...

Organizations cannot afford to neglect their PCI compliance obligations. According to its website, PCI could punish offending organizations with a monetary penalty ranging in value from $5,000 to $100,000 per month. These fines could spell the end for a small business. Acknowledging those consequences, organizations need to make sure they’re PCI...

What are the brakes on a car designed to do? I have asked this question many times when speaking to customers or organizations who were dipping their toes into the audit space. Invariably, their answer was, “To stop the car.” At this point, I would then ask, “Then how do you get where you want to go?” What Is the Purpose of Controls and a...

Security researchers detected a new ransomware strain that leveraged piracy as a means of distributing itself to Mac users. On June 29, a Twitter user reached out to Malwarebytes about a malicious Little Snitch installer that was available for download on a Russian forum known for sharing torrent links. A close look at the installer revealed that it...

Building the Case for IoT Security Framework The Internet of Things (IoT) is growing in technical, social, and economic significance. ENISA defines the increasingly complex IoT systems as “cyber-physical ecosystem[s] of interconnected sensors and actuators, which enables intelligent decision making.” These technologies collect, exchange and process...