Anthony Grenga, Author at Security Boulevard

IronNet’s January Threat Intelligence Brief

Looking back on December, I will say that the big news in the cyber world was, of course, the Log4j vulnerability. A remote code execution (RCE) vulnerability (CVE-2021-44228) with a CVSS score of 10.0 was identified within Log4j, a Java-based logging utility. Given the popularity of Log4j and Apache's projects, ... Read More

IronNet’s December Threat Intelligence Brief

As we look back on November, we have much to report on, such as an FBI email hoax, where attackers abused insecure code in the Law Enforcement Enterprise Portal (LEEP) to send thousands of illicit emails about fake cyberattacks using the federal agency's email address ([email protected][.]fbi[.]gov). Additionally, the Digital Forensics ... Read More

IronNet’s November Threat Intelligence Brief

As we look back on October, we have much to report on: from Russia upping their nation-state attacks by groups such as APT29 (aka, Nobelium) and APT28 (aka, FancyBear) to Microsoft’s report detailing APT29’s latest phishing campaign targeting the IT supply chain. Abusing the trust in IT supply chain relationships, ... Read More

IronNet’s October Threat Intelligence Brief

As we look back on September, we have much to report on: from a widespread credential phishing campaign leveraging open redirects in conjunction with reCAPTCHA to the cloud security firm Wiz's recent discovery of four new vulnerabilities in the Open Management Interface (OMI) of Linux-based Azure virtual machines (VM). The ... Read More

IronNet’s September Threat Intelligence Brief

As we look back on August, ransomware remains the name of the cyber attack game. A new ransomware family called LockFile has surfaced to target victims in various industries around the globe. First seen on the network of a U.S. financial organization on July 20th, LockFile’s latest activity was observed on August ... Read More

The August IronNet Threat Intelligence Brief

July was yet another busy month in the world of cybersecurity. On July 19th, the U.S. government and its allies—including the European Union, the Five Eyes countries, and NATO—publicly condemned and blamed the People’s Republic of China (PRC) for a series of malicious cyber attacks, including the Microsoft Exchange Hacks, ... Read More

The July IronNet Threat Intelligence Brief

Russia once again dominated headlines last month as both the REvil ransomware gang and APT 28 - SkinnyBoy (SB) were linked to numerous attacks. On the heels of the latest REvil attack on Kaseya this past week, the ransomware group targeted Sol Oriens, a U.S. federal nuclear contractor that consults ... Read More

The June IronNet Threat Intelligence Brief

As we look back on May, it’s clear that adversaries across the globe were rampant — from the ransomware attack of the Colonial Pipeline in the U.S. to the Conti ransomware attack of the Health Service Executive (HSE) in Ireland. Meanwhile, on May 27, Microsoft announced that Nobelium, the threat ... Read More