Blog

Originally an offshoot of CrySiS, the Dharma ransomware family has brought forth a new variant, as part of its ongoing creation of new strains. In this blog post, we analyze the latest variant found in the wild by malware researcher Jakub Kroustek. Cymulate customers can check if they are vulnerable to this threat by running an Immediate Threat Intelligence simulation of this variant, uploaded to the dashboard on 28th July 2019. (Login to the dashboard here.) Overview Dharma has been operating.

In the beginning there was pen testing. Then, developers accelerated pen testing with automated pentesting tools. Next, came the realization that instead of just one pen tester, a full team of pen testers could be deployed. Instead of seeking and exploiting security gaps opportunistically, they would perform reconnaissance work ahead of time, then plan and carry out a multi-step, multi-vector attack across the cyber kill chain, mimicking today’s sophisticated cyber heists and advanced.

The lead up to this year’s 4th of July has been chockful of cyber events, from cities getting extorted, through triple-threat ransomware, to state-sponsored APT activity. Here’s a recap of last month’s cyber threat highlights. The month started with AMCA (an American billing collections service provider) announcing on June 3 that an unauthorized user had accessed its system containing personal information that AMCA had received from various entities. The personal data of 11.9 million customers,.

You’ve come to the conclusion that quarterly pen tests, monthly vuln scans and annual red teaming are great, but there still not enough. You need to know if you’re truly secure, and you need to know it right now. You’ve recently heard about breach and attack simulation (BAS) and how it can help. So what should you look for when evaluating BAS solutions? Here’s our $0.02.   Validation of both Internal and External Controls Many BAS solutions focus solely on challenging your internal network.

Supply chain cyberattacks are increasing as companies outsource a growing number of services. Today, your enterprise is more likely than ever to have third parties touching sensitive data[1]. Even when your security controls are robust, an attacker can breach a weaker network—like the network of one of your suppliers, service providers, or partners—and use it as an indirect route into your network[2]. In 2018, many highly publicized breaches were the result of supply-chain attacks: Atrium.

Cymulate’s Breach and Attack Simulation (BAS) as-a-Service has forever changed pen tests as we know them. From months to minutes, cloud-based BAS has revolutionized how fast organizations can get security assessment results, and how much they must pay to know how secure they are at any given point in time. Predicting the Present In February 2018, Mr. Augusto Barros, Research VP at Gartner, predicted that breach and attack simulation technology (BAS), combined with vulnerability assessments,.

March's Cyberattacks In our monthly wrap-up, we cover the latest cyberattacks highlighting the attack methods and payloads used by malicious hackers and cybercriminals. Cybercrooks were very active in March 2019 successfully attacking Asus, Toyota, Jackson County, Earl Enterprise restaurants (e.g., Planet Hollywood), and various other industries.   If we look at the Asus breach, attackers used the Asus’ software update system to distribute their malware to about 1 million Windows computers. It.

In the last few years, APT attacks conducted by individual cybercriminals, organized crime and state-sponsored groups have become prevalent and sophisticated, bypassing standard security controls such as APT, or Advanced Persistent Threat, is a sophisticated attack in which a person or group attains access to a network and remains undetected for an extended period of time.   The DarkHydrus APT Attack Let’s have a closer look at how APT threat actors operate by looking at a recent APT attack,.

  Targeting politicians with cyber-attacks is not new, cybercriminals, hacktivists and rival nations have been doing this for many years. In 2016, Russian hackers allegedly tried to interfere in the 2016 US presidential election. The British parliament was targeted in mid-2017 in an attempt to access the accounts of hundreds of MPs, Lords, aides and staff by the suspected Russia and North Korea. During July 2018, hackers stole 1.5 million accounts patient data in Singapore including those of.

A Watering Hole attack is a method in which the attacker seeks to compromise a specific group of end users by infecting websites that members of that group are known to visit. The attacks have been adopted by criminals, APT groups and nation states alike and we see the amounts rising. The goal is to infect a victim's computer and gain access to the network within the victims's place of employment. Many conclude that these attacks   are an alternative to Spear Phishing but are quite different..