The rise in cyberattacks surrounding the COVID-19 pandemic

Fear, uncertainty, and doubt are powerful emotions, and time and again, hackers attempt to leverage these for their own gain. As the coronavirus develops into a worldwide pandemic, hackers are taking advantage of the fear many of us feel to spread malware. We’re seeing an abundance of coronavirus-themed phishing, business email compromise (BEC), malware, and ransomware attacks targeting different industries, especially in the health sector.


Stories from the SOC- RIG Exploit Kit

AT&T Alien Labs® Open Threat Exchange® (OTX) recently created a pulse for a new threat entitled the RIG Exploit Kit which had been observed distributing ransomware to victim companies across a variety of industry verticals. This exploit was discovered by BroadAnalysis who outlined the exploit’s intricacies in a whitepaper that was released December 2, 2019.


Now Is the Time to Get up to Speed with CMMC and SP 800-171 Rev 2

At the beginning of March 2020, Fifth Domain reported that Colorado-based aerospace, automotive and industrial parts manufacturer Visser Precision LLC had suffered a DoppelPaymer ransomware infection. Those behind this attack ultimately published information stolen from some of Visser’s customers. Those organizations included defense contractors Lockheed Martin, General Dynamics, Boeing and SpaceX.


Operationalize Ransomware Detections Quickly and Easily with Splunk

In 2019 multiple cities, hospitals and educational institutions in the U.S. were crippled by ransomware, including Baltimore, Atlanta, New York City, Regis University in Denver and Monroe University in New York. In the the last 12 months, the infosec community has seen these ransomware operators seriously upping their game (see Ryuk ransomware).


Securing Office 365 against the latest threats

The world is currently gripped by the spread of Covid-19, more commonly referred to as coronavirus, and unsurprisingly, cybercriminals are making the most of the situation and public uncertainty through phishing scams. There are many different examples of Covid-19 phishing scams in active circulation. Some purport to share the latest guidance, others encourage people to apply for a tax rebate, and yet more ask for donations towards medical efforts. Some even claim to provide a magical cure.


We Want You! Win the War on Ransomware Today

Arguably, the first malware extortion attack occurred in 1988 – the AIDS Trojan had the potential to be the first example of ransomware, but due to a design flaw, the victims didn’t end up actually having to pay up the 189 bucks. It’s safe to say that over the past 31 years, attackers have perfected the ransomware craft, with organizations shelling out more than $25 billion per year. We don’t expect it to end any time soon.


5.4 Million Customers Risk Credit Card Theft with Khaadi

During research into client side attacks, we recently observed a skimmer loading on the popular Pakistani fashion website, Khaadi. Khaadi is a global brand including seven stores in the UK and the company boasts over 5.4 million followers on social media. Khaadi have faced negative press recently, after an uproar about inhuman workplace conditions in 2017, and narrowingly avoiding going into administration in 2019.


Beware secret lovers spreading Nemty ransomware

Digital attackers are sending around love-themed malicious emails in an attempt to infect recipients with the Nemty ransomware. If you’ve been kicking around in the world of IT security for more years than you’d like to admit, then you’ll surely remember the ILOVEYOU virus (also known as the “Love Bug” or “Loveletter”).


Signature and Socket Based Malware Detection with osquery and YARA

Historically, common detection methods have used file hashes (MD5, SHA1, and SHA256)—unique signatures based on the entire contents of the file—to identify malware. Modern threat actors have increased in sophistication to a point where every instance of a given malware will have a different hash, and that hash will vary from machine to machine.


Recovering from OneDrive for Business ransomware attacks

Ransomware has been a growing threat in recent years, and experts now estimate the cost of these attacks at $7.5 billion in the USA alone in 2019. The affected institutions include 966 government agencies, educational establishments, and healthcare providers. Since most ransomware attacks stem from a small mistake made by one end user, either through phishing emails or stolen credentials, the threat is only expected to increase in the years to come.