Results for: ransomware
Samsam and Petya: The New Wave of Ransomware
Malware development, like any other area in IT, is a hotbed of innovation and change. At the forefront of this trend are the groups responsible for developing ransomware applications such as TeslaCrypt and Cryptowall. Today’s news brings two new challengers:...
TeslaCrypt 4.0 ransomware ups the ante with unbreakable encryption
When TeslaCrypt first arrived on the ransomware scene about a year ago, it seemed like a CryptoLocker copycat with a few new tricks, such as renaming existing files, deleting browser history to hide the source of the infection, and a...
KeRanger brings ransomware to the Mac
Not too long ago one of the benefits of using a Macintosh for work was that there wasn’t enough of these systems in place to make it worthwhile for hackers to target them. Fast forward to today, and the growing...
Cybersecurity Threat Advisory: SilverFox deploys ValleyRAT rootkit
SilverFox threat actors are actively running a ValleyRAT campaign to bypass security controls, escalate privileges, and maintain deep system access while avoiding detection. Organizations should treat this as a high-priority threat. Continue reading this Cybersecurity Threat Advisory to protect against...
Nation-state tactics are now in criminal hands
Government-backed hackers once reserved these techniques for targeted campaigns. Today, those techniques appear in everyday malware. For MSPs, the distinction between “targeted” and “opportunistic” attacks is disappearing. “The line between nation-state attacks and criminal attacks is disappearing faster than many...
Tech Time Warp: Nine years since the NotPetya nightmare
With damages estimated at $10 billion worldwide, the NotPetya malware attack of late June 2017 was a nightmare scenario by any standard. But several aspects of the malware — the work of Russian military intelligence officers — were particularly fiendish:...
Cybersecurity Threat Advisory: FortiBleed credential exposure campaign
Recent reporting has detailed an active credential exposure campaign dubbed “FortiBleed” that targets internet-facing FortiGate firewall devices. The activity involves a custom tool, often referred to as FortiGateSniffer, that enables attackers to harvest sensitive information. This includes VPN credentials and...
Tip Tuesday: Build a client education kit to reduce security tickets
Like many managed service providers, you may have realized that the number of incoming support desk tickets is too high for your current team to manage. Although hiring more people is one option, empowering users with a client education kit...
Cybersecurity Threat Advisory: Fortinet credential exposure
Security researchers have reported a large-scale “FortiBleed” compromise involving exposed Fortinet/FortiGate firewall and VPN credentials. The incident could affect tens of thousands of devices worldwide. Review the Cybersecurity Threat Advisory now to protect your clients’ systems. What is the threat?...
Cybersecurity Threat Advisory: Microsoft Teams TURN relay exploit
Threat actors are using a custom backdoor to route their command-and-control (C2) traffic through Microsoft Teams’ TURN relay infrastructure. This technique blends malicious traffic with legitimate Teams communications. As a result, attackers can bypass traditional network defenses, maintain covert access...
