Skip to Content

Tag: Supply Chain Attacks

REvil Ransomware: What’s Next?

When ransomware hits the news cycle, and even the non-cyber security folk have questions, you know it’s gone big. This time it’s REvil again, and we can’t seem to escape it. The entire security community has been on fire over the last few days looking at what’s going on with REvil, along with any journalist […]

Q1 Vulnerability Roundup

In the first quarter of 2021, several high-severity vulnerabilities were used as a conduit to solicit several malicious campaigns. This included malware and ransomware operators, nation-state actors targeting software suppliers for supply chain attacks, and continued targeting of virtual private network (VPN) devices. The first quarter of 2021, as observed in our vulnerability roundup, has […]

Q1 Ransomware Roundup

Consistency is the first word that springs to mind when assessing ransomware activity throughout the Q1 of 2021. There have been consistent double extortion ransomware activity levels, with key players in the threat landscape continuing where they left off in 2020, regularly adding data stolen from victims to their data leak websites. Consistent pressure from […]

SolarWinds Compromise: What security teams need to know

The Cybersecurity and Infrastructure Security Agency (CISA) recently released an Emergency Directive reporting on a long-running supply-chain attack actively exploiting product updates by the IT management company SolarWinds.  Attackers were able to monitor SolarWinds’ network traffic and maintain persistence on affected systems and environments by leveraging trojanized versions of product updates. The campaign likely began […]

Impersonator Syndrome: Supply chain lures and COVID-19 cures

It’s been a tough few months for the healthcare industry (and for all of us in general). While we’ve reported on recent Q3 ransomware campaigns targeting the healthcare industry, a new campaign targeting COVID-19 vaccine supply chain partners has emerged. Last week, IBM X-Force reported on a campaign targeting the healthcare industry seeking to capitalize […]