Wiper malware threats have become a concern as geopolitical tensions rise. Security researchers have identified a new strain of malware targeting Ukraine, dubbed HermeticWiper. Wiper malware is designed to render systems inoperable and irrecoverable without solid backups. Currently the wiper malware is targeting Ukraine and some surrounding countries including Latvia and Lithuania. But this attack could easily turn toward the US …
Mimikatz-Style Exploits to be Blocked by Microsoft
Microsoft is finally stepping up the game and blocking Mimikatz-style exploits that steal passwords from system memory. Attackers use this exploit to escalate privileges and laterally move throughout a network. In penetration testing, we use these exploits often. Take a peek at our internal company Fireside Chat we do every Friday. Today’s discussion centered around Microsoft Defender Attack Surface Reduction, …
Rise in Ransomware for Critical Infrastructure
CISA, the FBI, NSA, the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre released a CISA Joint Cybersecurity Advisory highlighting a rise in ransomware incidents against critical infrastructure organizations in 2021. These ransomware incidents are sophisticated and high-impact. The advisory lists 18 mitigation steps 😬 (included below for reference). I can think of additional items …
SIM Swapping Attacks on the Rise
The FBI is reporting a massive 10x increase in reported SIM swapping attacks. Attackers hijack your cell number to intercept SMS-based two-factor authentication messages. That’s why we recommend moving to app-based/soft token or physical token for multifactor authentication. The attackers seem to be currently targeting cryptocurrency wallets, but any online account can be targeted. Our key tips for preventing …
Protect Your Children from Identity Theft
Recently, our CEO, Geoff Wilson, sat down with Adam Snider at KFOR in Oklahoma City to discuss how parents can protect children from identity theft. Children are valuable targets for identity thieves because they are a clean slate, not negatively affected by past credit, and because the identity fraud can go on for years without being detected. Imagine your …
Thunderspy And Your Cybersecurity Program
A newly released set of vulnerabilities termed “Thunderspy” allows an attacker with physical access to your encrypted computer in sleep mode (not powered off and not hibernated) to take full control of your system utilizing a Thunderbolt port. In this compelling video, Thunderspy’s author, Björn Ruytenberg, demonstrates bypassing the Windows lock screen in under five minutes using a set of …
Zoom Risk Assessment Toolkit
Today we are publicly releasing our Zoom Risk Assessment Toolkit so that organizations can make a risk-informed decision on whether to use Zoom, what compensating controls to put in place, and to be able to communicate these decisions in terms of business risk. This work came about because we were asked to help a client answer the question, “Is Zoom …
How I Hacked an Electric Company
How I hacked an electric company using no phishing or social engineering tactics. This company had previous pen tests that missed this underlying vulnerability that plagues so many organizations. We’re using data breach analytics to inform our cybersecurity services to get into the mind of the hacker. The lessons learned at the end of this video are crucial for modern …
NFL Twitter Hack and Password Reset Functions
Discussing the recent Twitter account breaches of 15 NFL teams and Facebook resulting from a password reset flaw in a third party-developed application, Khoros. Learn how hackers use password reset flaws to bypass authentication and what we can all do to improve social media account security and make sure these flaws don’t bite us! It is time we start treating …
How To Approach Vendor Risk Management
In my latest video below I discuss the largest healthcare data breach of 2019 and how organizations should approach vendor risk management to manage the risk that your vendors present to you. 63% of all healthcare data breached in 2019 was due to the breach of one third-party collection agency, American Medical Collection Agency (AMCA). This breach affected Quest Diagnostics, …