MalwareTech, WannaCry and Kronos - Understanding the Connections

As Marcus Hutchins was on his way home to the UK after attending Def Con and Black Hat in Las Vegas, NV, the FBI arrested him. This event sparked immediate internet outcry, especially among the cybersecurity community, as Hutchins was better known as MalwareTech and had just made cybersecurity fame by stopping the WannaCry ransomware outbreak a few months prior. So, why did the FBI arrest a newly famous cybersecurity expert?


Emotet is down but its legacy remains: lessons learned

First identified in 2014, Emotet evolved from a niche banking Trojan into what was classified this year by Europol as one of the most prevalent strains of malware in the world. The sheer scale of Emotet’s impact on organisations means that its disruption by authorities in early 2021 ranks as one of the most significant takedowns in cyber security history.


Stopping Ransomware in Its Tracks With SOAR, Featuring Forrester Research [Video]

Ransomware is unlike most threats security teams face because it is virtually impossible to prevent and uses native processes, built into your trusted operating systems, to rapidly spread. So considering the speed and extent by which ransomware can topple an organization, what is the best approach for addressing this seemingly existential threat? We asked Forrester Research’s Joseph Blankenship and Chase Cunningham to share insights as part of a four-part series with Siemplify.


How to build a malware analysis sandbox with Elastic Security

As a security analyst on Elastic’s InfoSec team, a common scenario we see is users coming to our team and asking: “Is this file safe to open?” Or one user reports a phishing email with an attachment that they didn’t open, but we see from the logs that 10 other users also received that email but didn’t report it and no alerts went off on their systems.


REvil, Ryuk and Tycoon Ransomware: How They Work and How to Defend Against Them

It is the Tuesday morning after a long weekend. You come into work early to get caught up on emails only to find you are completely locked out. You have been hit by a ransomware attack. You ask yourself, “What happened? And how do I fix it?” This post will explore three of the most significant ransomware families of 2020: Tycoon, Ryuk and REvil.


How to protect remote workers from the surge in malware

The Great Pivot forced every business to adapt its operational model to enable mass remote access. In the first instance, priorities were geared towards business continuity, getting employees set up, and able to access the needed services. In the rush to do so, this will have led to improvisations and best practices being neglected, particularly security configurations. Some may have retraced their steps and revisited configurations to tighten up, but many won’t have.