Grief Gang’s New Quadruple Extortion Scheme Doesn’t Change the Game
Imagine heading to work on a Monday morning. You stop at Starbucks on the way in for a little caffeine jumpstart. Traffic was bad—as usual, but you’ve seen worse. You sit down at your desk and bring your computer to life and find a message on the display letting you ... Read More
Microsoft Zero-Day-of-the-Month Club
When it comes to zero day attacks against Microsoft products, I often feel like Bill Murray’s character in the movie Groundhog Day. It seems like I keep waking up to the same scenario over and over and over, with attackers repeatedly exploiting zero-day vulnerabilities against Microsoft products. ... Read More
Microsoft Vulnerability Exposes Thousands to Risk…Again
I can’t deny that Microsoft competes with Cybereason, but the truth is, I owe a lot of the success of Cybereason to Microsoft. After all, the lion’s share of what we do as defenders is protect against exploits targeting vulnerable Microsoft platforms and applications. ... Read More
Afghanistan, the Taliban and National Security
The United States may have left classified or sensitive intelligence behind as US forces withdrew and evacuated from Afghanistan. That information might now be in the hands of the Taliban. There was also a report this week about an alleged cyber breach at the US State Department. These are both ... Read More
T-Mobile and BlackBerry: More Lessons Learned the Hard Way
We learned this week that T-Mobile was the victim of a data breach that exposed data from tens of millions of customers, and then we found out that there is a flaw in BlackBerry’s QNX operating system that puts hundreds of millions of devices at risk. These events don’t impact ... Read More
LockBit Ransomware Wants to Hire Your Employees
If I offer you a million dollars right now, would you betray your company and help me compromise their data? What if I told you that there is a ransomware group out there that is doing just that? Would you take the bait? Are you sure that others in your ... Read More
‘DeadRinger’ Reveals Pervasive Cyber Espionage Campaign
In the summer of 2019, our researchers discovered a massive malicious campaign against telecommunications providers that we dubbed Operation Soft Cell. This week, our researchers revealed details of more pervasive attacks against telecommunications providers. The DeadRinger report reveals a cyber espionage campaign out of China targeting providers in Southeast Asia ... Read More
Ransomware Attacks: Will G7 and Biden-Putin Summits Prove Fruitful?
I’ve been very busy lately. Between the back-to-back ransomware attacks and the release of our ransomware report highlighting the impact on business from ransomware attacks, I have been asked to share my thoughts and insights on a variety of broadcast and print media outlets. ... Read More
Deja Vu: What Do NotPetya and SolarWinds Have in Common?
As I was waking up in Boston on the morning of June 27, 2017, reports were being shared on social media that an electric power supplier in Ukraine was hit by a cyber attack. Within about an hour, a Danish power supplier was also knocked offline and Maersk shipping announced ... Read More
The Line in the Sand: How We Respond Today Impacts Our Security Tomorrow
In the past few months, we’ve faced massive attacks with SolarWinds and the HAFNIUM attacks targeting Microsoft Exchange, followed by the unprecedented ransomware attack by DarkSide that crippled US critical infrastructure. It is time to ask ourselves again, what is really going on? More importantly, the time has come for ... Read More
