The cyber risk facing the manufacturing sector is likely greater at this point than ever before. Cybercriminals have demonstrably pivoted towards targeting manufacturing sector companies, likely after recognizing the sensitivity of manufacturing towards extended outages. This observation has been confirmed by our analysis of ransomware activity in 2021 and 2022. There is also an ever-present […]
Recent reporting from Microsoft has shone light on the “HolyGhost” ransomware group, a cybercriminal outfit originating from North Korea. While this might appear like yet another ransomware group, in what is an increasingly saturated market, HolyGhost holds a number of distinctions from their peers. Conducting cybercriminal operations from a communist state represents a number of […]
As you’d imagine, our talented team of intelligence analysts spend a considerable amount of time reading different material each month, in order to stay abreast of the latest developments within our industry. This puts the team in the best place to provide answers to the important questions that our clients need to know about. Some […]
You may have read about the recent attack affecting motoring powerhouse General Motors (GM), that resulted in significant numbers of GM’s customers having their accounts compromised. Wedding planning company Zola was also impacted by a similar attack in the same week of May 2022, with the attackers using the compromised accounts to redeem gift cards. […]
In 2020, our research report on account takeover (ATO) highlighted the risk of using credentials in an unsafe manner, which was being exploited by cyber threat actors to great effect. In the coming weeks, we will be issuing our follow on report on ATO, which found that many of the problems surrounding credential use remain; […]
It has been five years since the dumpster fire we all remember as WannaCry. WannaCry is self-propagating ransomware that held hundreds of thousands of devices around the world hostage in 2017. While the WannaCry attack was catastrophic, the worm-like ransomware attack also served as a lesson for cybercriminals and network defenders alike. From a cybercriminal’s […]
The two-month mark of the Russia and Ukraine war has passed, with Russia almost certainly having failed to meet its initial strategic goals. While Russian commentators may try to paint the ongoing conflict in a favorable light, Russian President Putin’s ‘special military operation’ was almost certainly intended to produce a lightning offensive, enabling the Russian […]
At the end of February, the cybersecurity community was rocked by the appearance of alleged chat logs recording conversations between members of the prolific Russian-speaking ransomware group Conti. A Ukrainian cybersecurity researcher published over 60,000 messages allegedly taken from the backend of a Jabber server that Conti used for internal communications. Other cybersecurity researchers have […]
Since Russia’s invasion of Ukraine in February, the Digital Shadows (now ReliaQuest) Photon team has been following multiple aspects of the tragic conflict and its impact on the cybersphere. We’ve explored threat actors’ initial responses to the war, shared advice on how to plan a cyber response to the events, and investigated the revival of […]
What we know about the Okta breach, Lapsus$ group, and what you can do today to protect your organization.