It has been five years since the dumpster fire we all remember as WannaCry. WannaCry is self-propagating ransomware that held hundreds of thousands of devices around the world hostage in 2017. While the WannaCry attack was catastrophic, the worm-like ransomware attack also served as a lesson for cybercriminals and network defenders alike. From a cybercriminal’s […]
Learning from past mistakes is a crucial part of every job. Four years after WannaCry’s outbreak, analyzing which weak security practices allowed this ransomware to proliferate is pivotal in trying to avoid similar events in the future. This blog focuses on mapping MITRE ATT&CK to the WannaCry campaign and will discuss some of the key […]
In this week’s ShadowTalk it’s all things phishing. Rose Bernard and Simon Hall join Rafael Amado to discuss the recent arrest of three alleged members of the FIN7 organized criminal group. The team look over the United States Department of Justice’s indictment, focusing on how FIN7 use social engineering and sophisticated phishing to great effect, […]
Organizations rely on Digital Shadows (now ReliaQuest) to be an extension of their security team. Our global team of analysts provide relevant threat research, much needed context, tailored remediation advice and managed takedown support to make our clients’ jobs easier and more efficient. Crucially, by having analysts within the intelligence and collection cycle, we’re able […]
Twitter has become an extremely valuable tool for security researchers; experts including Kevin Beaumont and PwnAllTheThings frequently post research findings on the site and following these feeds can be an excellent source for the latest developments in the information security space. However, during major incidents affecting organizations worldwide, including the outbreaks of wCry and NotPetya, […]
With the recent news storm concerning the “WannaCry” ransomware worm, a great deal of mitigation advice has been provided. This advice typically centers around patching, in particular installing MS17-010 from Microsoft (or the KB from Microsoft for XP/2k3), which patches the vulnerability exploited by the ETERNALBLUE exploit used by WannaCry. Much has been made about […]
Earlier today it was revealed that the United Kingdom’s National Health Service was targeted by ransomware known as “WannaCry.” Sixteen NHS organizations were impacted by the attack, and victims have spread across the globe and will likely continue to do so. WannaCry takes advantage of SMB vulnerabilities in Windows, using the ETERNALBLUE exploit which was […]