Yet Another Hacker Summercamp Survival Guide

You’ve seen it a hundred times. Someone’s recommendation on how to survive a security conference / hacker summer camp / DEF CON. ‘Bunny’, you may say, ‘why are you writing this? Haven’t we had enough?’ Dear reader, no we have not. Though you may have seen hundreds of these guides, it doesn’t stop dozens of […]

History of malware: Remote Access Trojans (RATs)

A RAT primer From millions of dollars lost to reputational damage, malware affects lives, businesses, and the world around us. It’s difficult to study, moves fast, and is a constant concern for anyone living and working in the digital age. Remote access trojans make up a large portion of the malware market and are an […]

How to Protect Yourself from Ransomware on a Budget

Ransomware is here to stay. It is one of the most direct ways for criminals to monetize cyberattacks, and small and mid-sized enterprises (SMEs) across the spectrum have experienced a marked uptick in attacks. All organizations across every industry should assume an imminent attack and prepare accordingly, but how to do that with the limited […]

PrintNightmare Breakdown: Analysis and Remediation

At the start of this month, a proof of concept for a Microsoft print spooler vulnerability rocked Windows admins, causing a clamor to contain the worst of the damage. This vulnerability is covered under CVE-2021-34527. Originally beginning as a marked ‘low severity’ vulnerability, a proof of concept showed the ease at which this patched vulnerability […]

Log4J Library Zero-Day Breakdown: Analysis and Remediation

Exploit BackgroundThe Log4j exploit is a vulnerability in an open source Apache logging framework that allows attackers to gain arbitrary execution abilities on an affected device. Used commonly in modern Java applications (even some non-enterprise applications like Minecraft), services are scrambling to defend against this vulnerability. Earliest evidence of this exploit was found December 1st, […]

Drawing the RedLine – Insider Threats in Cybersecurity

The RedLine password theft malware is a hot topic this month with Microsoft’s employee compromise. Though Microsoft didn’t offer many officially released details on what occurred, we can examine how RedLine works to gain an understanding of what may have possibly occurred. Passwords: An Easy Target Let’s not mince words: passwords are difficult for most […]

Weathering Russian Winter: The Current State of Russian APTs

It’s no secret that Russian Advanced Persistent Threats (APTs) are a significant burden on cybersecurity teams. For years, organizations have been bombarding their systems with patches and configuration changes to dodge targeted attacks, and the focus on APTs specifically from Russia has never been higher. However, the Russian invasion of Ukraine has put the risk […]

Under the Wire: Evading Censorship & Protecting Sensitive Information

In times of trouble, citizens can feel a sense of deep helplessness. With war, famine, or political unrest raging outside of their window, many feel compelled to help or somehow make a difference, but may not understand how their position is valued. The organization Reporters Without Borders is a consultant for the United Nations and […]

Bad Luck: BlackCat Ransomware Bulletin

On April 19th of 2022, the FBI Cyber Division released a flash bulletin regarding the Blackcat ransomware-for-hire. This was met with mixed reactions – some found the ransomware to be of little concern, others made a case for tracking its progress. Either way, this ransomware-for-hire has been around far longer (in internet terms) than the […]

Follina Zero-Day Vulnerability Breakdown: Analysis and Remediation

Background The newest Microsoft Office zero-day vulnerability, Follina, has been causing a buzz around much of the security community. The largest differences between it and most other Office vulnerabilities are that it has found a way around the use of macros and that it does not have any planned patches in the pipeline. Rather than […]