In April 2021 the Babuk ransomware gang, already a concerning entity, gained additional notoriety for compromising the Washington, DC police department. As part of this incident, the criminals threatened to release confidential files relating to police operations to spur payment. The group in question earlier gained attention for the combination Read more
TrickBot was in the news quite a bit in early October 2020. Starting with reports of TrickBot disruption in late September 2020 subsequently linked to United States Cyber Command (USCC), events ramped up with an independent coordinated infrastructure take-down organized by Microsoft coming shortly thereafter. There are many avenues of Read more
Media, social feeds, and other sources of news are awash with stories of the “first death linked to ransomware” following an incident in Düsseldorf on 09 September 2020. Since the event, authorities in Nordrhein Westphalen have launched an investigation treating the death as “negligent homicide”. At the time of this Read more
2020 has already been a WILD year to say the least – opening with the assassination of Qasem Soleimani, proceeding through multiple ecological crisis, and continuing with a historical pandemic (and all its implications for information security), we live in very interesting times indeed. And yet, we’ve only just begun! Read more
Two recent articles appeared concerning possible implications of or prompts for the 01 May 2020 Executive Order on the US electric system. Notably, the Executive Order was quickly followed by a US Department of Commerce investigation into the supply of electrical transformers. While the latter would appear related to typical Read more
A new Twitter account appeared on 27 May 2020 for “NSA Cyber”, claiming the following: “Welcome to the intersection of threat intel, vulnerability analysis, and technical expertise! All to better equip you against malicious #cyber activity.” This was a very interesting development, and a separate effort from the US National Read more
Since the COVID-19 pandemic began to spread throughout much of the world, I’ve covered how this slowly unfolding catastrophe will impact the business climate of information security, why cost-saving reductions in network defense may be deeply undesirable, and how responses to certain actions in a pandemic landscape will be difficult Read more
The steadily unfolding COVID-19 pandemic continues to unleash chaos and uncertainty in tandem with the disease’s impacts on human health. In just the past few days, total US new unemployment numbers for the past two weeks increased by over 10 million people, the price of crude oil continues to crash, Read more
Late 02 January 2020 (US Eastern time), the United States launched a strike outside Baghdad airport killing Qasem Soleimani, Iranian general and leader of the paramilitary Qods Force. General Soleimani was a despicable person responsible for promoting conflict and prolonging strife in various areas of the Middle East (among other Read more
Throughout the roiling (and often tiring) discussion over the release and disclosure of “offensive security tools” (OST – previously addressed here), one disadvantage is constantly referenced to show the harm of publicly-available hacking tools and techniques. Put most simply, individuals cite how many organizations either have little or no security Read more