APT43: An investigation into the North Korean group’s cybercrime operations
Introduction

As recently reported by our Mandiant colleagues, APT43 is a threat actor believed to be associated with North Korea. APT43’s main targets include governmental institutions, research groups, think tanks, business services, and the manufacturing sector, with most victims located in the United States and South Korea. The group uses a variety of techniques and […]

400,000 Individuals Affected by Email Breach at West Virginia Healthcare Company

Monongalia Health System (Mon Health) this week disclosed a business email compromise (BEC) incident that was the result of unauthorized access to its email system.

Check up on Your Virtual Safety: Tips for Telehealth Protection

In a poll conducted by the Canadian Medical Association, nearly half of Canadians have used telehealth services since the start of the pandemic. Additionally, in a recent McAfee study, we found that 21% of Canadians have used the internet for a doctor visit in 2020, […]

Why is similarity so relevant when investigating attacks

The concept of similarity is pretty straightforward: are two files similar? There are many ways to figure it out. That’s why different similarity algorithms exist. Now, why is this useful? Attackers need tools for their attacks, basically malware. Malware in the end is a piece of software, built from frameworks, code and libraries, and takes […]

VirusTotal multisandbox += VenusEye

VirusTotal multisandbox project welcomes VenusEye. The VenusEye sandbox is currently contributing reports on PE executables, documents and JavaScript. In their own words: VenusEye Sandbox, as a core component product of VenusEye Threat Intelligence Center, is a cloud-based sandbox service focused on analyzing malware and discovering potential vulnerabilities. The sandbox service takes multiple (~100) types of files […]

Varying Degrees of Malware Injections Decoded

It is no longer the day of human-readable injections, or even the use of basic encoding schemes like base64. Instead we’re seeing a rise in complex, and in some instances, elusive encoding schemes that carry with them a big punch. There are varying degrees of malware injections that include some of the following traits: Encoding (pretty […]

More information
- Order out of Chaos – Using Chaos Theory Encryption to Protect OT and IoT
- Zero-Day Malvertising Attack Went Undetected For Two Months
- Will CrowdStrike Be a $1 Trillion Company By 2030?
- Popular Mobile Modems Plagued by Zero-Day Flaws
- CrowdStrike CEO says cybercriminals are leveling up
- Nintendo Says 300,000 Accounts Breached After Hack
- File Transfers Cost You More Than You Realize – What to Do About It
- Hacker indicted for stealing 65K employees’ PII in medical center hack
- FireEye Unveils New Solutions, Capabilities
- Public release of IE exploit could spark widespread attacks