Ransomware attacks have been getting worse for quite a while. This leaves many of us wondering why they can’t be stopped. Can’t law enforcement somehow trace their activities and track them down? Ransomware anonymity tools are one reason they can’t. These tools can also make it more difficult to detect the activities of attackers. To…
Part of our work is doing forensic analysis to determine the cause of ransomware attacks. This is an important part of making sure that ransomware attacks don’t happen again. One issue that comes up frequently in this process is the use of remote desktop protocols (RDP) by ransomware attackers. RDP compromise is not just an…
In the course of our work, we see many companies and organizations devastated by ransomware. When researching the causes of these attacks, unfortunately, we see the same mistakes made over and over and over again. One common that comes up frequently is the use of outdated versions of Windows servers. It’s natural to think that…
Ransomware attacks get more complex every year, but defending yourself or your organization doesn’t have to be complicated. Maintaining a regular cybersecurity routine can get you to a high level of security and keep you there. Penetration testing using tools like Metasploit is central to a robust ransomware prevention strategy. Ransomware attacks increasingly depend on…
It may seem sometimes that the ransomware epidemic is getting worse, but occasionally there’s some good news. At the end of January 2021, years of work by law enforcement culminated in taking down Emotet, one of the world’s biggest malware-as-a-service (MaaS) operations. A joint task force including police from the Netherlands, Germany, the United States,…
Ransomware attacks nearly doubled over the last year, with an estimated 50% of businesses experiencing at least one ransomware attack. Insurance companies have stepped in to address this problem by offering ransomware insurance. In fact, ransomware related claims were the most common type of cyber insurance claim last year. With the size and scope of…
As part of our work in ransomware removal and prevention, we conduct detailed investigations into the methods used by ransomware gangs. The Sodinokibi ransomware gang, also known as REvil, is without a doubt one of the most prolific and effective groups currently active. By some estimates, it may be responsible for as many as…
When it comes to cybersecurity and ransomware response, initial attacks tend to get a lot more attention than the post-breach phase. This is understandable; the first priority is making sure hackers don’t gain access to your network at all. This leads some to neglect cyber security concepts that are central to how ransomware spreads, like…
Understanding the tools ransomware attackers use and how they work can be very helpful in protecting yourself against cyber intruders. The more you know about how hackers work, the more you will understand how to avoid falling into their traps. Hackers are using a tool called Mimikatz to help their ransomware spread through networks. Defending…
Wednesday, 6th January 2021 will be considered one of the darkest days in US history when the epicenter of democracy, Capitol Hill was rushed by an angry mob of Pro-Trump protestors. While mainstream media is discussing how it was a failure of law enforcement agencies their handling of the incident, one aspect that is raising…
