While this post is intended to be a little tongue-in-cheek for readers, it’s been written to provoke discussion on how organizations continue to do the same things they have done for the last 15 years, without thinking of all the issues they bring with them…
Tags: ransomware, phishing, isolation, web isolation, spear-phishing, malvertising
The past few years, the major studios and production companies that create movies, broadcast television, streaming content, and even online and video games have been under cyber attack.
Tags: cyber attacks, ransomware, phishing attack, isolation, malicious code, malware
It’s another day and another cyber attack headline in the media. This time it’s another ransomware-style attack; this one is called “Bad Rabbit”. According to media reports, it has impacted organizations in Russia and Ukraine mostly, with reports of some businesses in Turkey and Germany (and possibly in Poland and Japan) also being affected (that we know of so far).
Tags: ransomware, bad rabbit, credential theft, javascript, isolation technology, web isolation, cyber threats
Spear phishing attacks continue to plague businesses of all sizes, across all sectors. Detection of these messages remains an impossible feat. Spear phishing messages plague everyone and their intent ranges from delivering malware or ransomware, to stealing passwords and personal information, such as bank account information. All of these things have a high value in the online criminal world, hence why spear phishing is the most popular tool in the cyber attack arsenal today.
Tags: spear-phishing, anti-phishing, cyber attacks, cyber security, ransomware, cyber training
The financial services industry is consistently among the most highly targeted industries for cyberattacks. Financial services institutions (FSIs) are a popular and frequent focus of attackers because, to quote famed bank robber Willie Sutton, when asked why he robbed banks: “That’s where the money’s at.”
Tags: financial services industry, cyberattacks, phishing, phishing attacks, phishing prevention, malware, ransomware, isolation, banking credentials, keyloggers, employee credential theft, credential theft, watering hole attacks, drive-by exploits, spear-phishing
Lately, instances of malware with built-in worm functionality have been on the rise. The WannaCry cyberattack is a perfect example. Although the malware was classified as ransomware, to increase the number of infections, the attackers used an SMB exploit to propagate it laterally within enterprises.
Tags: malware, worm, wannacry, cyber attacks, cyber threats, ransomware, Houdini, remote access trojan, isolation, web isolation
While Black Hat USA 2017 ended three weeks ago, I wanted to share my thoughts and experiences on my very first Black Hat USA 2017 after being in security for 15+ years.
Tags: Black Hat Conference, black hat, Ichthyology, cyber attacks, cyber theft, cybersecurity, cyber training, authentication and application security, phishing training, phishing attacks, credential theft, malware, ransomware, spearphishing, isolation
Whilst working with a customer on a web isolation project over the past two weeks, I was passed on a query based on a report published by Recorded Future in December 2016. The report was a summary of what were the popular vulnerabilities used in exploit kits by attackers in 2016 (source: RecordedFuture).
Tags: malware vulnerabilities, web isolation, web-based vulnerabilities, ransomware, malvertising
Another week, another massive cyber attack hits the world. Since the Wikileaks share, powerful new hacking tools are readily available to anyone in the world. This will not be the last attack leveraging these newly available weapons.
Tags: cyber attacks, cybersecurity, cyber threats, ransomware, isolation, remote browsers, anti-phishing, security strategy, WannaCrypt, GoldenEye, bitcoin
The world could rid itself of ransomware overnight if we, as a society, could collectively agree to stop paying ransom. If there was a 100% certainty that they would not get paid, attackers would simply shift their attention elsewhere. But the fact of the matter is people do pay criminals to release their critical data. According to a new survey, 52% would pay up if their computer were taken hostage by ransomware. Why is this?
Tags: ransomware, bitcoin, bitcoins, browser-based attacks, cyber theft, cyber threats
