A few days ago, I was scrolling through Twitter and came across a post by the MalwareHunterTeam briefly discussing a new Ransomware group - Rhysida. A lack of results from a Google search shows this is a newer group prepping to start operations. I grabbed a sample and downloaded it, and the executable confirmed that this group is indeed in its early stages based on the breadth … [Read more...]
Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
It's Monday, and there's no better way to start a new week than with some cybersecurity-related news. So, if you need an excuse to procrastinate a bit more, allow us to fill that void. For this iteration, we made a few minor improvements, as always. In addition to the table of contents from last time, we've added more granularity by categorizing all the stories by type. For … [Read more...]
Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
A new week, a new month, and a new Cybersecurity News post! This iteration contains a whopping eight (8) stories covering the last two to four weeks. Since cybersecurity is a diverse field of assorted specializations, we attempt to match that with various stories touching on all aspects of cybersecurity. This time we cover a few breaches, Elon Musk's decision to alter Twitter's … [Read more...]
A Technical Analysis of ISAACWiper
Shortly after Putin launched his "special military operation" in Ukraine on February 24th, 2022, researchers from ESET published information about two novel destructive malware families – HermeticWiper and ISAACWiper. HermeticWiper was part of a three-pronged campaign that included a worm and pseudo-ransomware component known as HermeticWizard and HermeticRansom, respectively. … [Read more...]
When Trying to Catch ‘Em All, Leave This RAT Alone
Recently, researchers have observed threat actors using a website previously associated with the popular AR game, PokemonGo to distribute a remote access trojan (RAT). The method of delivery is a cleverly disguised game installer that includes a copy of the commonly used NetSupport Manager application, which on its own is technically a trusted application. The surreptitious use … [Read more...]