Cymulate’s August 2021 Cyberattacks Wrap-up No summertime vacation for threat actors who were once again very busy during August 2021, launching ransomware attacks against several organizations. The Conti ransomware operators were very active this month, breaching the systems of SAC Wireless, a US-based Nokia subsidiary. They were able to upload the stolen information to their cloud server and to encrypt files on the compromised systems. The FBI has connected Conti to more than 400.
Cymulate’s July 2021 Cyberattacks Wrap-up July 2021 started with an affiliate of the notorious REvil gang conducting a ransomware attack targeting Miami-based information technology firm Kaseya. It infected thousands of victims in at least 17 countries through firms that remotely manage IT infrastructure for multiple customers. The threat actors demanded a ransom of a rumored $50 million that the company stated it did not pay, but instead had obtained a decryption tool from a “third party”. .
Cymulate’s June 2021 Cyberattacks Wrap-up June 2021 saw a number of ransomware attacks and ransom payments. Gold Northfield, the REvil ransomware group, launched various attacks targeting high-profile targets. JBS Foods, one of the world’s largest meat producers, paid the equivalent of $11 million to restore its operations in Australia, the USA, and Canada after being infected by REvil. Also Fujifilm fell victim to a ransomware attack by the REvil threat actors using the Qbot Trojan, as did.
Cymulate’s May 2021 Cyberattacks Wrap-up During May 2021, threat actors, quite likely DarkSide, went big-game hunting, hacking the Colonial Pipeline Co., which operates one of the largest U.S. fuel pipelines. The company decided to comply with the ransom demand and paid $5 million to restore operations. Also in May 2021, branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines were hit by ransomware cyberattacks. This cyber attack followed the announcement of.
Introduction On March 2nd Microsoft announced that a Chinese Nation-State actor they called HAFNIUM had been utilizing four zero-day vulnerabilities on premises version of Microsoft Exchange. Microsoft and other researchers say that the Chinese government had successfully penetrated and expanded into around 60,000 companies, globally. Microsoft released a patch on the same day of the announcement. Being well thought out and planned, the attack established backdoors that remain even if the.
“No Thanks." The phone is picked up, “We have a service that does that” says the 5th CISO that day. Welcome to my life. I’m an Inside Sales Representative, at Cymulate, and I speak to dozens of InfoSec Execs a week, and the first thing I hear is that some form of testing is being done, whether it’s vulnerability scanning or pen testing, with no more services required. My challenge is to convince them that it’s worth their while to learn about a new and better approach to security testing. .
A site visitor asked “What is an email gateway attack simulation? How is that different from phishing testing?” Both good questions, let’s have a look: Email Gateway Attack Simulation 101 Email gateways are software and/or appliances that sit between inbound email and your users’ mailboxes. These systems evaluate each inbound email (and often outbound email) that is processed by your company’s email systems. Evaluations can include looking for phishing-like language, checking any links to.
The lead up to this year’s 4th of July has been chockful of cyber events, from cities getting extorted, through triple-threat ransomware, to state-sponsored APT activity. Here’s a recap of last month’s cyber threat highlights. The month started with AMCA (an American billing collections service provider) announcing on June 3 that an unauthorized user had accessed its system containing personal information that AMCA had received from various entities. The personal data of 11.9 million.
In the last few years, APT attacks conducted by individual cybercriminals, organized crime and state-sponsored groups have become prevalent and sophisticated, bypassing standard security controls such as APT, or Advanced Persistent Threat, is a sophisticated attack in which a person or group attains access to a network and remains undetected for an extended period of time. The DarkHydrus APT Attack Let’s have a closer look at how APT threat actors operate by looking at a recent APT attack,.
**Updated Note: As of November 12th, 2018, Trend Micro has discovered an in-the-wild sample of this logical bug seen in the TROJ_EXPLOIT.AOOCAI, using it to deliver the URSNIF information stealer (TSPY_URSNIF.OIBEAO).** Cymulate’s research team has discovered a way to abuse the Online Video feature on Microsoft Word to execute malicious code (Read the press release here). Attackers could use this for malicious purposes such as phishing, as the document will show the embedded online video with.
Read More >
Subscribe to Our Blog
Stay up to date with the latest cybersecurity news and tips