
Malware

Communicating Cyber Risk to Executives and Boards with Shamane Tan

In this episode of Cyber Security Decoded from Rubrik Zero Labs, host Steve Stone is joined by Chief Growth Officer at Sekuro and Best-Selling Author Shamane Tan to discuss differences in the cybersecurity landscape between the US and APAC, communication strategies for CISOs, building trust for better cybersecurity outcomes, improving organizational resilience, and diversity in the cybersecurity field.

How Weak Passwords Lead to Ransomware Attacks

Weak passwords can lead to ransomware attacks because they can be easily compromised through password-cracking techniques, allowing cybercriminals to gain access to an organization’s network where they can then inject ransomware. Often, when people think of the causes of ransomware infections, their first thought is that it was caused by a phishing email.

The Anatomy of an ALPHA SPIDER Ransomware Attack

Over the last two years, CrowdStrike Services has run several incident response (IR) engagements — in both pre- and post-ransomware situations — in which different ALPHA SPIDER affiliates demonstrated novel offensive techniques coupled with more commonly observed techniques. The events described in this blog have been attributed to ALPHA SPIDER affiliates by CrowdStrike Counter Adversary Operations.

Qilin Ransomware: Get the 2024 Lowdown

Qilin operates as an affiliate program for Ransomware-as-a-Service, employing a Rust-based ransomware to target victims. Qilin ransomware attacks are often tailored for each victim to maximize their impact, utilizing tactics like altering filename extensions of encrypted files and terminating specific processes and services.

Busting the SugarLocker Syndicate: Syndicate's Secrets and Takedown Tactics

SugarLocker summary: On February 23, 2022, the operator linked to the SugarLocker ransomware, utilizing the pseudonym "gustavedore," was conspicuously seeking new partnerships on the Dark Web. SugarLocker operates through a highly flexible Ransomware-as-a-Service (RaaS) framework, facilitating extensive customization for its users in the clandestine corners of the Dark Web.

Game-Changer: Biometric-Stealing Malware

I have been working in cybersecurity for a long time, since 1987, over 35 years. And, surprisingly to many readers/observers, I often say I have not seen anything new in the hacker/malware space since I began. The same threats that were a problem then are the same problems now. Social engineering and unpatched software (and firmware) have long been the two biggest initial root causes for hacking…for decades.