Automated Threat Analysis from Splunk Attack Analyzer
Learn how Splunk Attack Analyzer automates threat analysis for credential phishing and malware threats.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Malware
#106 - Intel Chat: LockBit, TicTacToe Dropper, Google Cloud Run & I-Soon
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.
The Anatomy of an ALPHA SPIDER Ransomware Attack
Over the last two years, CrowdStrike Services has run several incident response (IR) engagements — in both pre- and post-ransomware situations — in which different ALPHA SPIDER affiliates demonstrated novel offensive techniques coupled with more commonly observed techniques. The events described in this blog have been attributed to ALPHA SPIDER affiliates by CrowdStrike Counter Adversary Operations.
Qilin Ransomware: Get the 2024 Lowdown
Qilin operates as an affiliate program for Ransomware-as-a-Service, employing a Rust-based ransomware to target victims. Qilin ransomware attacks are often tailored for each victim to maximize their impact, utilizing tactics like altering filename extensions of encrypted files and terminating specific processes and services.
Communicating Cyber Risk to Executives and Boards with Shamane Tan
In this episode of Cyber Security Decoded from Rubrik Zero Labs, host Steve Stone is joined by Chief Growth Officer at Sekuro and Best-Selling Author Shamane Tan to discuss differences in the cybersecurity landscape between the US and APAC, communication strategies for CISOs, building trust for better cybersecurity outcomes, improving organizational resilience, and diversity in the cybersecurity field.
How Weak Passwords Lead to Ransomware Attacks
Weak passwords can lead to ransomware attacks because they can be easily compromised through password-cracking techniques, allowing cybercriminals to gain access to an organization’s network where they can then inject ransomware. Often, when people think of the causes of ransomware infections, their first thought is it was caused by a phishing email.
Busting the SugarLocker Syndicate: Syndicate's Secrets and Takedown Tactics
Sugarlocker Summary On February 23, 2022, the operator linked to the SugarLocker ransomware, utilizing the pseudonym "gustavedore," was conspicuously seeking new partnerships on the Dark Web. SugarLocker operates through a highly flexible Ransomware-as-a-Service (RaaS) framework, facilitating extensive customization for its users in the clandestine corners of the Dark Web.
Game-Changer: Biometric-Stealing Malware
I have been working in cybersecurity for a long time, since 1987, over 35 years. And, surprisingly to many readers/observers, I often say I have not seen anything new in the hacker/malware space since I began. The same threats that were a problem then are the same problems now. Social engineering and unpatched software (and firmware) have long been the two biggest initial root causes for hacking…for decades.
New Research: Ransomware Incidents Spike 84% in 2023
Newly-released data covering cyberthreats experienced in 2023 sheds some light on how very different last year was and paints a picture of what to expect of cyber attacks in 2024. As someone who looks a lot at industry data, I really want it to be as relevant as possible. But it’s also important to see the larger trends over the recent past to begin to predict what’s to come.
How Is Ransomware Delivered?
Some of the most common ways ransomware is delivered are through phishing emails, drive-by downloads, exploit kits and RDP exploits. According to Malwarebytes’ 2024 State of Malware report, in 2023 the number of known ransomware attacks increased by 68% from the previous year. The report also found that the largest ransom demanded in 2023 was $80 million.