Security | Threat Detection | Cyberattacks | DevSecOps | Compliance


Netskope Threat Coverage: Evil Ant Ransomware

Netskope Threat Labs recently analyzed a new ransomware strain named Evil Ant. Evil Ant ransomware is a Python-based malware compiled using PyInstaller that looks to encrypt all files stored on the victim’s personal folders and external drives. This ransomware strain requires process continuity from encryption until file recovery. Rebooting, shutting down, or ending the ransomware process will make affected files unrecoverable.

From Water to Wine: An Analysis of WINELOADER

In late February 2024, Mandiant identified APT29, a Russian state-sponsored threat group, deploying a new backdoor called WINELOADER to target German political parties. This campaign marks a significant shift in APT29's targeting, as they have traditionally focused on government and diplomatic entities. The expansion to political parties suggests an evolution in the group's intelligence gathering priorities, likely influenced by the current geopolitical climate.

Law Enforcement Must Keep up the Pressure on Cybergangs

The (apparent) takedown of major ransomware players like Blackcat/ALPHV and LockBit and the threat groups’ (apparent) revival is a prime example of the Whack-a-Mole nature of combating ransomware gangs that often takes place. However, this level of difficulty doesn’t mean the pressure should be relieved.

CrowdStrike Falcon Next-Gen SIEM Unveils Advanced Detection of Ransomware Targeting VMware ESXi Environments

CrowdStrike Falcon Next-Gen SIEM, the definitive AI-native platform for detecting, investigating and hunting down threats, enables advanced detection of ransomware targeting VMware ESXi environments. CrowdStrike has observed numerous eCrime actors exploiting ESXi infrastructure to encrypt virtual machine volumes from the hypervisor to deploy ransomware in organizations. Access to ESXi infrastructure typically takes place as part of lateral movement.

Shamane Tan on rising up - Cyber Security Decoded

Inspirational words from Shamane Tan on Cyber Security Decoded…as you climb your personal ladder to success, you should be your biggest cheerleader! There won’t always be someone there to recommend you for promotions or point you in the right direction. People come and go, and opportunities arise and vanish. That’s why in order to grow, whether it’s in the #CyberSecurity industry, the broader #Technology industry, or elsewhere, you must always be proactive in seeking out new ways to grow personally and professionally!

Analysis: FBI's FY23 Cybercrime Report Shows Two Tactics Are On The Rise

I started my career as a Counterintelligence Special Agent in the U.S. Army, quickly learning how to decode the complex signals of security threats. Next, I sharpened my skills in state law enforcement, investigating (and preventing) cybercrime by identifying and mitigating digital threats.

DragonForce Ransomware - What You Need To Know

A relatively new strain of ransomware called DragonForce has making the headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways - locking companies out of their computers and data through encryption, and exfiltrating data from compromised systems with the threat of releasing it to others via the dark web.

Nitrogen Campaign: A Threat Targeting Tech and Non-Profit Sectors in North America

Foresiet Security Intelligence has recently uncovered the Nitrogen campaign, which has set its sights on numerous organizations within the technology and non-profit sectors across North America. While Foresiet managed to intercept the infections before significant hands-on-keyboard activity took place, there are strong indications that threat actors are leveraging this infection chain to establish compromised environments for deploying ransomware.