From a risk management standpoint, the cyber security threat landscape has jumped the shark. The ability to distinguish various threat motives, threat vectors and related impacts to an organization, its people, and its mission, has arguably devolved over the last 5...
Category: Sentinel One News
The Good, the Bad and the Ugly in Cybersecurity – Week 48
The Good Aside from their vast resources, the one characteristic that usually marks out an APT group is stealth. Good news this week, then, as it was reported that some 12,000 Google services users were warned of government-backed threat actors targeting their...
How MedusaLocker Ransomware Aggressively Targets Remote Hosts
In September of this year, our research team began to track and observe a recently-identified ransomware family dubbed MedusaLocker. This particular ransomware family has a few unique features designed to ensure it encrypts as much data as possible, not only on the...
What is a Botnet? (And Why Are They Dangerous?)
You've likely heard the names: Emotet, Trickbot, Dridex. These are some of the most notorious botnets currently on the loose in cyberspace, infecting and enslaving hundreds of thousands of machines. Last month, the UK's Labour party was hit by two DDoS attacks from...
macOS Red Team: Spoofing Privileged Helpers (and Others) to Gain Root
As we saw in previous posts, macOS privilege escalation typically occurs by manipulating the user rather than exploiting zero days or unpatched vulnerabilities. Looking at it from the perspective of a red team engagement, one native tool that can be useful in...
The Good, the Bad and the Ugly in Cybersecurity – Week 47
The Good Not a day goes by when we don't hear of yet another school district, or small-medium government entity being attacked with ransomware. This week it was reported that another Ryuk attack hit Louisiana's Office of Technology, which houses the Department of...
Going Deep | A Guide to Reversing Smoke Loader Malware
Working in infosec and supporting clients and SOCs has always exposed me to a huge number of alerts and incidents. Some of these are more interesting than others. Recently we stumbled across a particular sample of Smoke Loader malware. Smoke Loader has been...
Build Your Own Ransomware (Project Root) | Behind Enemy Lines Part 2
A short while back, we highlighted a recent addition to the Ransomware As a Service (RaaS) universe. Project Root didn't so much burst onto the scene in October of this year, but rather had more of a sputtery start...generating non-functional binaries upon the initial...