-
Nov 19, 2023
The Russian cyber espionage group Gamaredon, affiliated with Russia’s Federal Security Service (FSB), has been observed using a worm called LitterDrifter, which spreads through USB devices in targeted attacks against Ukrainian entities. This tactic signifies an evolution in the group’s… read more »
-
Nov 12, 2023
At first glance, the relationship between privacy on Android phones may seem complicated. Given Google’s prominent role in the advertising business, where the bulk of its revenue is generated, it can be challenging to reconcile the idea of data collection… read more »
-
Oct 29, 2023
Microsoft has monitored the actions of a group named Octo Tempest (identified by Crowdstrike as Scattered Spider and my Mandiant as UNC3944), which has targeted multiple firms to extort money. The cybercriminals, linked to the BlackCat group (ALPHV), use a… read more »
-
Oct 20, 2023
What’s the difference between IoA and IOC, and why is it crucial to incorporate them into a security strategy? TL;DR Courtesy of CrowdStrike IoC IoA Artifacts that suggest a system has been breached. Patterns of behavior that indicate that an… read more »
-
Oct 8, 2023
Ransomware groups are constantly evolving their tactics and techniques to stay ahead of defenders. Cybersecurity firm Red Sense collected some information on major ransomware groups this summer, and created this useful chart showing the main changes they made to their… read more »
-
Oct 7, 2023
Personally, I am a big fan of NextDNS, a DNS service that (similar to PiHole) allows you to block traffic to advertising circuits, tracking and telemetry systems. This is why I have always been fascinated by the possibility of reproducing… read more »
-
Sep 26, 2023
RansomedVC is a recent ransomware collective, which was initially detected by Malwarebytes and SocRadar in August 2023 after publishing information about nine victims on its dark web page: It gained notoriety after announcing that it had violated SONY: The singular… read more »
-
Sep 24, 2023
Stealth Falcon APT (aka Project Raven or FruityArmor), a state-sponsored hacking group from the United Arab Emirates (UAE), is mainly known for targeting activists, journalists, and dissidents in the Middle East. Cybersecurity researchers from ESET have discovered a previously undocumented… read more »