Threat Research Report: Ransomware Advisory

Ransomware has become one of the most popular and destructive attacks in cyber security in recent years. Instead of stealing data as in most other attacks, the goal of ransomware is to hold the user’s data hostage by making it unusable until a ransom fee is paid. This is accomplished by encrypting the victim’s machine with an encryption key that the attackers then offer to sell back to the victim in exchange for cryptocurrency. The attack is easy once attackers have a foothold and requires little effort to execute, making this method much more cost efficient than other attacks. While ransomware can be thwarted by simply replacing the encrypted machine with a backup image, many organizations do not have the backups and are increasingly paying the ransom rather than accepting the massive data loss, increasing the success rate and popularity of this attack.

View Now

More resources

Threat Research Report: Hafnium Exchange Zero-Days

On March 2, 2021, Microsoft Security Response Center released updates related to vulnerabilities affecting on-premises deployments of Microsoft Exchange Server 2013/2016/2019. Microsoft also revealed details around active exploitation of these vulnerabilities using zero-day exploits. This RQ Threat Advisory outlines the vulnerability and its exploitation in more detail including IoCs (indicators of compromise) and GreyMatter detection […]

Are You Really Hunting? Developing and Implementing a Threat Hunting Methodology .btn {display: none;}.aspect-ratio-16\:9.margin-bottom-md {margin-top: 35px;} The industry emphasis on the constant implementation of new security tools and technologies has led organizations to make substantial investments into security personnel. Those talents are spent primarily on maintenance and reacting to the various alerts that these disparate technologies are built to address. A vast amount of time […]