Motherboard posted a very interesting article on the person behind the breach of Hacking Team. Many people heard about Hacking Team being hacked; however, until now there wasn't any explanation of who did it, how, or why. The original post can be found HERE.
Back in July of last year, the controversial government spying and hacking tool seller Hacking Team was hacked itself by an outside attacker. The breach made headlines worldwide, but no one knew much about the perpetrator or how he did it.
Cisco's research group Talos posted a detailed article on the history and current state of ransomware HERE. They provided some best practices to protect your organization from being compromised. It is a bit of a long read but worth spending the time to check out.
The rise of ransomware over the past year is an ever-growing problem. Businesses often believe that paying the ransom is the most cost-effective way of getting their data back – and this may also be the reality. The problem we face is that every single business that pays to recover their files is directly funding the development of the next generation of ransomware. As a result of this we're seeing ransomware evolve at an alarming rate.
The Kernel posted a fantastic article on how to create a new digital identity. The original post can be found HERE. You may think it is as simple as creating a new email or social media account; however, there are many ways to be tracked. This post goes into those details.
This blog post will cover how to upgrade a virtualized FirePOWER manager from 126.96.36.199 to 6.0.1, a centrally managed ASA5512X from 188.8.131.52 to 6.0.1, and a 5506X that is not centrally managed from 184.108.40.206 to 6.0.1. I will also show how to install both the unified and non-unified versions of 6.01. Let me explain what that means.
Cisco Talos posted a great article on a new variant of ransomware targeting healthcare. The original post can be found HERE.
Cisco Talos is currently observing a widespread campaign leveraging the Samas/Samsam/MSIL.B/C ransomware variant. Unlike most ransomware, SamSam is not launched via user-focused attack vectors, such as phishing campaigns and exploit kits. This particular family seems to be distributed via compromising servers and using them as a foothold to move laterally through the network to compromise additional machines which are then held for ransom. A particular focus appears to have been placed on the healthcare industry.
Anonymous posted a warning video to Denver regarding its recent homeless camp cleanup law. Anonymous pointed out many reasons why this new law is a violation of human rights and stated they would prefer a peaceful resolution. However, they close with "Expect Us", so most likely actions will be taken against Denver officials if nothing is done about this threat. This post contains the Anonymous video and the CBS article on this topic, found HERE.
An exploit kit is a collection of redirection pages, landing pages, exploits and payloads designed to automatically infect users for a revenue stream. Exploit kits typically do not use targeted attacks, meaning they try to get any vulnerable system on the internet to access their website, and they usually deliver ransomware. Examples of exploit kits are Kaixin / Gongda, Neutrino, Nuclear, RIG and Angler. Looking at Angler, it can exploit 9,000 systems on any given day and successfully compromise 5,400 of those systems. In terms of dollars, this can mean around $30 million per year from the delivered ransomware. This post will cover what's involved with exploit kits, including what can be done to protect your system from being exploited.
I received a request to be part of a banking scam and decided to play it out with false information. Below is a series of emails I received as I communicated with this obvious scam. Make sure you question anything like this because most likely somebody is trying to trick you. Indicators of a scam include broken English, asking to wire money, lack of details about the parties involved and unwillingness to give information linked to the actual conversation such as, in this case, the bank's 1800 number that I could call and ask for the so-called "employee" involved.
This scam started off with an email blast, which hit one of my real email spam folders. If you Google the number, names, etc. from these emails, you will find many other people have flagged this guy.