Tag: Malware

SocGholish: A Tale of FakeUpdates

Editor’s note: Dean Murphy, Brandon Tirado, and Joseph Morales all contributed to this blog. The “SocGholish” (aka FakeUpdates) malware distribution framework has presented a gripping tale of intrigue and suspense for ReliaQuest this year. Just in January, we’ve identified and responded to two discrete “hands-on-keyboard” intrusions traced back to a SocGholish compromise. We contained both […]

Stop the line: Cyber threats facing manufacturing

The cyber risk facing the manufacturing sector is likely greater at this point than ever before. Cybercriminals have demonstrably pivoted towards targeting manufacturing sector companies, likely after recognizing the sensitivity of manufacturing towards extended outages. This observation has been confirmed by our analysis of ransomware activity in 2021 and 2022. There is also an ever-present […]

HolyGhost’s Bargain Basement Approach to Ransomware

Recent reporting from Microsoft has shone light on the “HolyGhost” ransomware group, a cybercriminal outfit originating from North Korea. While this might appear like yet another ransomware group, in what is an increasingly saturated market, HolyGhost holds a number of distinctions from their peers. Conducting cybercriminal operations from a communist state represents a number of […]

What we’re reading this month: June 2022

As you’d imagine, our talented team of intelligence analysts spend a considerable amount of time reading different material each month, in order to stay abreast of the latest developments within our industry. This puts the team in the best place to provide answers to the important questions that our clients need to know about. Some […]

Five years after the WannaCry dumpster fire, ransomware remains a global threat

It has been five years since the dumpster fire we all remember as WannaCry. WannaCry is self-propagating ransomware that held hundreds of thousands of devices around the world hostage in 2017. While the WannaCry attack was catastrophic, the worm-like ransomware attack also served as a lesson for cybercriminals and network defenders alike. From a cybercriminal’s […]

Russia Invades Ukraine: What happens next?

On 23 Feb 2022, Russian forces started a military operation targeting Ukraine. Reporting indicates that shelling in several Ukrainian cities has occurred, and footage from Kharkiv’s border shows Russian vehicles moving into Ukraine. In a fiery televised address, President Vladimir Putin has threatened dire consequences to any nations seeking to prevent this, labeling his offensive […]

CVEs You Might Have Missed While Log4j Stole the Headlines

The past three months have been a particularly challenging time for security teams. 2021 rounded off in the most spectacular fashion—if you can call it that—with the discovery of the Log4Shell vulnerability leaving security teams scrambling to identify and fix systems before threat actors could exploit. We’ve written a considerable amount on the issues surrounding […]

How Do Ransomware Groups Launder Payments?

Ransomware continued to represent arguably the biggest headache for incident responders and blue teams in 2021, and the upcoming year will almost certainly continue in the same vein. Digital Shadows (now ReliaQuest) observed a persistent rise in the number of attacks being committed, the price of the ransom fees being charged, and the numbers of groups […]

The Patching Nightmare

Note: This blog is part of a three-blog series on Vulnerability Intelligence that accompanies the release of Digital Shadows (now ReliaQuest)’s latest whitepaper titled Vulnerability Intelligence: Do You Know Where Your Flaws Are? The numerous roadblocks facing vulnerability management (VM) teams are one of the key points raised in our Vulnerability Intelligence research. Whether you […]

Emotet is back again: what does it mean?

Emotet is back again on the scene and, to be fair, we’re not surprised. Its predictable return has come just ten months after the takedown of its infrastructure, following an internationally coordinated law enforcement operation in January 2021. If you need a refresher on that operation, Digital Shadows (now ReliaQuest) published two analyses a few […]