Cymulate’s August 2021 Cyberattacks Wrap-up No summertime vacation for threat actors who were once again very busy during August 2021, launching ransomware attacks against several organizations. The Conti ransomware operators were very active this month, breaching the systems of SAC Wireless, a US-based Nokia subsidiary. They were able to upload the stolen information to their cloud server and to encrypt files on the compromised systems. The FBI has connected Conti to more than 400.
Cymulate’s July 2021 Cyberattacks Wrap-up July 2021 started with an affiliate of the notorious REvil gang conducting a ransomware attack targeting Miami-based information technology firm Kaseya. It infected thousands of victims in at least 17 countries through firms that remotely manage IT infrastructure for multiple customers. The threat actors demanded a ransom of a rumored $50 million that the company stated it did not pay, but instead had obtained a decryption tool from a “third party”. .
Cymulate’s June 2021 Cyberattacks Wrap-up June 2021 saw a number of ransomware attacks and ransom payments. Gold Northfield, the REvil ransomware group, launched various attacks targeting high-profile targets. JBS Foods, one of the world’s largest meat producers, paid the equivalent of $11 million to restore its operations in Australia, the USA, and Canada after being infected by REvil. Also Fujifilm fell victim to a ransomware attack by the REvil threat actors using the Qbot Trojan, as did.
Cymulate’s May 2021 Cyberattacks Wrap-up During May 2021, threat actors, quite likely DarkSide, went big-game hunting, hacking the Colonial Pipeline Co., which operates one of the largest U.S. fuel pipelines. The company decided to comply with the ransom demand and paid $5 million to restore operations. Also in May 2021, branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines were hit by ransomware cyberattacks. This cyber attack followed the announcement of.
Applying The Wisdom of Many Jane Benitz Wong, Vice President Security Products, Splunk I love my work. Product management is a combination of science and art as products must appeal to both the heart and mind of our customers. Even in a high-tech industry like cybersecurity, the most successful products are those of rich functionality and capabilities, which are also intuitively usable and look cool. I am often asked to sit on the board of directors or advisory board of rising technology.
Cymulate’s April 2021 Cyberattacks Wrap-up Threat actors stepped up their game during April 2021, with ransomware groups finding new ways to increase their profits by putting on corporate victims. For instance, the DarkSide ransomware group is openly approaching stock traders to offer them inside knowledge of their latest corporate victims, which would allow the brokers to short sell the breached company’s stock before any data is leaked and the breach becomes public. The Babuk ransomware group.
Cymulate’s March 2021 Cyberattacks Wrap-up Threat actors were busy during March 2021, breaching major companies such as SITA, a global IT company supporting 90% of the world’s airlines. In this case, the PII belonging to airline passengers was stolen, including their names, card numbers, and status level. In the Netherlands, the stolen personal data of an estimated 7.3 million residents were offered online for sale. The data was stolen from RDC, a company that provides car garages with IT.
The Attack in Plain English Last Tuesday March 2nd Microsoft announced that a Chinese Nation-State actor they called HAFNIUM had been utilizing four zero-day vulnerabilities on premises version of Microsoft Exchange. Microsoft and other researchers say that the Chinese government had successfully penetrated and expanded into what was initially thought to be around 30,000 US companies and organizations. Since then, the number has been expanded to 60,000 companies and includes companies.
Compromising a Domain With the Help of a Spooler My job in the Cymulate Research Lab is to craft and implement attack scenarios for Cymulate customers to launch in their environment and increase their cyber-resilience. In this tech-blog post I will show how an attacker can gain access to corporate assets from an initial foothold by combining multiple techniques. The scenario is performed in two stages. In the first stage we will abuse unconstrained delegation and use techniques to enumerate.
Strategic Value: Proven by Customer Data As a veteran cybersecurity professional, I get excited when I find a solution that is both strategic and disruptive. Things that simplify, accelerate and optimize my customer’s ability to adapt to changing threats is paramount to me. These elements lead to enterprises minimizing risks, enabling business and building skills. It leads to happier and more confident individuals, teams and companies. Continuous Security Validation through breach attack.
Read More >
Subscribe to Our Blog
Stay up to date with the latest cybersecurity news and tips