History of malware: Remote Access Trojans (RATs)

A RAT primer
From millions of dollars lost to reputational damage, malware affects lives, businesses, and the world around us. It’s difficult to study, moves fast, and is a constant concern for anyone living and working in the digital age. Remote access trojans make up a large portion of the malware market and are an […]

How to Protect Yourself from Ransomware on a Budget

Ransomware is here to stay. It is one of the most direct ways for criminals to monetize cyberattacks, and small and mid-sized enterprises (SMEs) across the spectrum have experienced a marked uptick in attacks. All organizations across every industry should assume an imminent attack and prepare accordingly, but how to do that with the limited […]

PrintNightmare Breakdown: Analysis and Remediation

At the start of this month, a proof of concept for a Microsoft print spooler vulnerability rocked Windows admins, causing a clamor to contain the worst of the damage. This vulnerability is covered under CVE-2021-34527. Originally marked as a ‘low severity’ vulnerability, a proof of concept showed the ease with which this patched vulnerability […]

Log4J Library Zero-Day Breakdown: Analysis and Remediation

Exploit Background
The Log4j exploit targets a vulnerability in an open source Apache logging framework that allows attackers to execute arbitrary code on an affected device. Log4j is commonly used in modern Java applications (even some non-enterprise applications like Minecraft), and services are scrambling to defend against this vulnerability. Earliest evidence of this exploit was found December 1st, […]

Drawing the RedLine – Insider Threats in Cybersecurity

The RedLine password theft malware is a hot topic this month with Microsoft’s employee compromise. Though Microsoft didn’t offer many officially released details on what occurred, we can examine how RedLine works to gain an understanding of what may have possibly occurred.
Passwords: An Easy Target
Let’s not mince words: passwords are difficult for most […]

Weathering Russian Winter: The Current State of Russian APTs

It’s no secret that Russian Advanced Persistent Threats (APTs) are a significant burden on cybersecurity teams. For years, organizations have been bombarding their systems with patches and configuration changes to dodge targeted attacks, and the focus on APTs specifically from Russia has never been higher. However, the Russian invasion of Ukraine has put the risk […]

Under the Wire: Evading Censorship & Protecting Sensitive Information

In times of trouble, citizens can feel a sense of deep helplessness. With war, famine, or political unrest raging outside of their window, many feel compelled to help or somehow make a difference, but may not understand how their position is valued. The organization Reporters Without Borders is a consultant for the United Nations and […]

Bad Luck: BlackCat Ransomware Bulletin

On April 19th of 2022, the FBI Cyber Division released a flash bulletin regarding the BlackCat ransomware-for-hire. This was met with mixed reactions – some found the ransomware to be of little concern, others made a case for tracking its progress. Either way, this ransomware-for-hire has been around far longer (in internet terms) than the […]

Follina Zero-Day Vulnerability Breakdown: Analysis and Remediation

Background
The newest Microsoft Office zero-day vulnerability, Follina, has been causing a buzz around much of the security community. The largest differences between it and most other Office vulnerabilities are that it works without relying on macros and that it does not have any planned patches in the pipeline. Rather than […]