Dec 5, 2018 9:14:54 AM

'Tis the Season for Cybercrime

Cybercriminals take advantage of events and occasions that give their targets a sense of urgency. The end-of-year holiday season combines a shortage of staff through the month of December with a rush to complete work before the year’s end and the personal obligations of individual staff. The heightened level of stress and impending deadlines will cause otherwise-vigilant employees to miss attacks and scams this time of the year. Criminals will take advantage of the chaos.

Topics: Attack Surface

Oct 10, 2018 10:00:00 AM

Fear and Prosecution in Ransomware Operations

When a new ransomware variant reveals itself, there's an intense effort put towards reverse engineering the malicious software ("malware"). As I've discussed previously, reverse engineering is the process of analyzing software to determine its capabilities, how it works, and the design decisions that went into its creation. This process allows for quick identification of "indicators of compromise", unique changes made to the infected system by the malicious software. These indicators can be used to detect the presence of ransomware on systems, ideally before it has a negative impact on your network.

Topics: ransomware, Attack Surface, Reverse Engineering

Feb 12, 2018 4:34:11 PM

The New Theft: Drive-By Cryptocurrency Mining

You may be able to wrap your head around the concept of a cybercriminal stealing money from your bank accounts, or monetizing your customers’ personal financial information, but have you considered that an attacker might be able to steal money from you through your utility bill and your maintenance budget for computer hardware? Cryptocurrency mining through malicious advertising on popular sites like YouTube is the new theft and could put your organization's bottom line at risk.

Topics: Penetration Testing, cybersecurity, advanced penetration testing, incident response, Malware, Attack Surface

Oct 16, 2017 9:45:25 AM

Impact and Mitigation of the KRACK WiFi Vulnerability

A vulnerability has been disclosed in the most popular and recommended security protocol for WiFi networks: WPA2. The weaknesses, discovered and documented by Mathy Vanhoef, may change the way your organization uses wireless until vendor patches are available. The purpose of this post is to discuss the potential impact on your organization and how you can layer security around protocol weaknesses such as this one.

Topics: Attack Surface, KRACK

May 24, 2017 9:03:00 AM

The Fear of a Zero Day

Recently, the security community has been enthralled—simultaneously terrified and fascinated—with a set of new attack tools that have leaked. Within this set, a number of tools were designed to exploit “zero day” vulnerabilities for the Windows operating system. For this week’s blog, I’ll try to shed some light on what this jargon means, why “zero day” bugs are feared by some, and why you won’t need to panic.

Topics: Attack Surface, WannaCry, Zero Day

May 16, 2017 2:10:05 PM

Ransomware Worms Force Your Hand: Patch or Layer Security

On Friday, May 12th, the “WannaCry” network worm joined the ranks of Conficker and Code Red. It has infected tens of thousands of systems worldwide, and the count is climbing. Among those victimized were England’s National Health Service, automobile manufacturers, and government systems. The worm’s ominous red ransom screen, informing the user that all files have been encrypted, was found not only on users’ desktops, but also on ATM screens, parking meters, digital billboards, and industrial control system interfaces.

Topics: ransomware, Attack Surface, WannaCry