FAQ – Why Has Ransomware Become So Popular?
Ransomware has been around for over 3 decades. Only now though has it become majorly widespread as a form of cybercrime. Roughly 1/4 of all malware incidents are caused by…
Read more
ALERT! – Critical Zero Day Vulnerability Reported by Google in Libwebp
A critical zero day vulnerability that was already exploited in the wild and patched in Chrome by Google has a new CVE ID (CVE-2023-5129). This issue is not a zero…
Read more
Amazon AWS S3 Buckets Used To Deliver Malware Through S3 Buckets
Malicious threat actors are exploiting expired Amazon AWS S3 buckets to place malicious code into legitimate packages in the npm repository with out having to make modifications to any of…
Read more
Age Shaming Hard Drives, What Is this all about?
At what point should one start to worry about a NAS hard disk failing? There are multiple fact in play that one considers that one turns to data gathered from…
Read more
Part 4 De-Anonymizing Domains on the Dark Web – Catastrophic OPSEC Failures
Catastrophic OPSEC (Operational Security) Failures Sometimes Ransomware gangs make catastrophic security mistakes that unmasks their anonymity. In this last post we will look at how such operational security failures such as…
Read more
Part 3 De-Anonymizing Domains on the Dark Web – Favicon matching
Favicon Matching The second method that is used to uncover a dark web based website on the surface internet (clear internet) is the process of "favicon matching". A favicon is…
Read more
Part 2 De-Anonymizing Domains on the Dark Web – TLS Certificate Matching
The first approach used by Cisco's Talos Threat Intelligence team was that of TLS certificate matching. With this approach the self signed certificate that is used by their dark web…
Read more
The Ability to De-Anonymize Domains on the Dark Web
Members of the Cisco Talos Threat Intelligence team have developed 3 techniques to identify ransomware operators websites hosted on the dark web and their respective IP Addresses. This has given…
Read more
FAQ – What are YARA Rules?
YARA is a pattern matching framework. It is used to identify and classify malware and other IT Security threats. It has a long standing history in the IT security landscape…
Read more
Passenger Devices Pose Cyber Security Risk to Aircraft
With modern day aircraft becoming so dependent on technology, one doesn't really think of them as a platform that is at risk of being hacked. With the way they are…
Read more