Law Firm Seyfarth Shaw Hit by Damaging Ransomware Attack
Founded in 1945 in Chicago, Illinois, Seyfarth has over 900 lawyers across 17 offices, providing clients all around the world with advisory, litigation, and transactional legal services. The Am Law 100 firm serves more than 300 of the Fortune 500 companies. Over the weekend, the company fell victim to a ransomware attack that spread aggressively…
Elusive hacker-for-hire group Bahamut linked to historical attack campaigns
Attack attribution is one of the most difficult aspects of malware research and it’s not uncommon for different security companies to attribute attack campaigns to different threat actors only to later discover that they were the work of the same group. However, a new paper by researchers at Blackberry stands out by exposing an elusive…
Three common mistakes in ransomware security planning
As the frequency and intensity of ransomware attacks increase, one thing is becoming abundantly clear: organizations can do more to protect themselves. Unfortunately, most organizations are dropping the ball. Most victims receive adequate warning of potential vulnerabilities yet are woefully unprepared to recover when they are hit. Here are just a few recent examples of…
DoD, DHS Warn of Attacks Involving SLOTHFULMEDIA Malware
SLOTHFULMEDIA is described as a dropper that deploys two files when executed, including a RAT designed to allow hackers to control compromised devices, and a component that removes the dropper once the RAT achieves persistence on the targeted computer. The RAT is capable of running arbitrary commands, terminating processes, taking screenshots, modifying the registry, and…
Report: Hunting Evasive Malware
Today’s networks have more sophisticated automated defenses than ever, yet cybercriminals are taking full advantage of business disruptions and distractions in 2020. Adversaries are exploiting user behavior and leveraging trusted operating system tools to pursue “actions on objective” and evade detection. When used in combination, these techniques are effective at bypassing automated defenses to gain…
Government Software Provider Tyler Technologies Confirms Ransomware Attack
Tyler this week shut down its website and started informing customers via email that its internal phone and IT systems were accessed without authorization by an unknown third party. The company said the attack disrupted access to some internal systems, and it decided to shut down points of access to external systems while investigating the…
Your best defense against ransomware: Find the early warning signs
scariest things for security pros is how quickly it can paralyze an organization. Just look at Honda, which was forced to shut down all global operations in June, and Garmin, which had its services knocked offline for days in July. Ransomware isn’t hard to detect but identifying it when the encryption and exfiltration are rampant…
Attacks growing in both scope and sophistication, exposing gaps in the cloud native toolchain
There’s a growing, organized and increasingly sophisticated pattern of attacks on cloud native infrastructure, according to Aqua Security. While most attacks were aimed at abusing public cloud compute resources for cryptocurrency mining, the methods used open the door for higher-value targets that leverage security gaps in container software supply chains and runtime environments. The report…
Cyber losses are increasing in frequency and severity
Cyber attacks have increased in number and severity since the onset of the pandemic. The changes organizations implemented to facilitate remote work have given cybercriminals new opportunities to launch campaigns exploiting mass uncertainty and fear. Ransomware attack severity increases In fact, since the beginning of COVID-19, Coalition observed a 47% increase in the severity of…
FBI, NSA Share Details on New ‘Drovorub’ Linux Malware Used by Russia
Drovorub, a joint advisory from the NSA and the FBI reveals, is being employed by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165, which is better known as the cyber-espionage group APT 28 (Fancy Bear, Pawn Storm, Strontium, Sednit, Tsar Team). APT 28 is believed to…