The DFIR 2025 Threat Report from CyberCX offers a firsthand view of how cyber adversaries adapted and accelerated their tactics in 2024. Covering incidents across Australia, New Zealand, North America, and Europe, the report...more
"EvilProxy" Provides Low-Skill Threat Actors Access to Advanced Phishing Techniques - A new Phishing-as-a-Service (PaaS) platform dubbed "EvilProxy" has been discovered by Resecurity researchers. PaaS platforms allow...more
Anti-Cheat, Code-Signed Driver Abused to Bypass Privileges and Deploy Ransomware - Trend Micro researchers observed a ransomware infection in late July 2022 that involved a code-signed driver called "mhyprot2.sys", which...more
The Ankura Cyber Threat Investigations & Expert Services (CTIX) team conducted a technical analysis of historical and ongoing adversarial activity associated with the current Ukrainian/Russian conflict. In doing so, the CTIX...more
Cybersecurity does not just pose technical challenges; companies must always keep their eye on the human component of cyber risk. For example, even the most damaging and sophisticated hacks – such as the recent Twitter hacks...more
On May 21, the Federal Bureau of Investigation’s (FBI’s) Cyber Division released an FBI Flash warning recipients that nation-state cyber actors are targeting domestic universities, research institutes and private companies...more
On February 10, 2020, Attorney General William Barr announced the indictment of four members of the Chinese military on charges of hacking into Equifax’s computer networks, maintaining unauthorized access to those networks...more
For data security buffs like me, the recent McAfee® Labs Threats Report, December 2018 is, or should be, a top pick on the list. Well maybe not for the holiday reading list, and we need to be careful not to bring up the...more
“Chinese cyber espionage and cyber-attack capabilities will continue to support China’s national security and economic priorities,” as stated by Dan Coats, the Director of National Intelligence “Americans should not buy...more
The latest report regarding Russia stealing U.S. cyber secrets is yet again centered around the National Security Agency (NSA), using Contractors to gain access, in some cases, to classified data....more
Last week, researchers at Citizen Lab uncovered sophisticated new spyware that allowed hackers to take complete control of anyone’s iPhone, turning the phone into a pocket-spy to intercept communications, track movements and...more
The October blog post will be broken up into two parts. This October 15th post will comment on the TPP Agreement signed today and well as President Xi Jinping’s recent trip to the US and my impressions from Beijing, China...more
Chinese President Xi Jinping made his first state visit to the United States last week, and his itinerary included meetings with U.S. technology company leaders as well as President Barack Obama. Not surprisingly, his hosts...more
On August 30, 2015, the Washington Post broke a story that the Obama administration is developing a package of economic sanctions that will target Chinese companies and individuals who have benefitted from cybertheft. The new...more
U.S. officials have blamed Chinese government-backed attackers for many of the recent cyber attacks on U.S. government and business computer networks: “Researchers and government officials have determined that the Chinese...more
As we approach the dog days of summer, baseball season is again in full bloom. We previously discussed old-fashioned sign stealing in the context of teams trying to gain a competitive advantage during an actual game. But it...more
If you have never taken a close look at Verizon’s yearly Data Breach Investigations Report, we highly recommend that you do. It just came out, and is once again, a very informative read....more
As April comes to a close, it’s time once again for Verizon Enterprise Solutions’ Data Breach Investigations Report to remind us just how important data security is to the corporate world. Released Wednesday, the report,...more
We often talk to companies who believe they are an unlikely target for hackers because they do not have financial account information, Social Security numbers, or medical information. However, personal information is not the...more