Two-step verification can be your best friend but also your worst enemy
Nothing is all good or all bad, however, suspicious user activity cannot be good. This is the story of an organization that had heavily relied on two-factor authentication and had later discovered that every security system has its flaws. Two-factor authentication (also known as 2FA) is a great identity and access management security tool which […]
Infostealer Malware
We don’t use HP printers here! It was a Saturday morning; we were attending the shift and unanticipatedly, our Incident Response ticket count was low. Naturally, this was a good time to review the incidents which occurred last week and maybe learn something new and interesting! We observed a device with multiple detections this week, […]
U.S. department of justice charges two foreign hackers
March 21, 2021 Tesla Ransomware Hacker Pleads Guilty; Swiss Hacktivist Charged for Fraud According to several recent articles published by the Washington Post, Bloomberg, and the cyber news website, The Hacker News, two foreign cyber attackers, a Swiss hacktivist and a Russian hacker, were recently charged by the U.S. Department of Justice, in two separate […]
ישראל הפכה ברבעון האחרון של 2020 ליעד הסייבר מספר אחד
קבוצה המזוהה, לפי פרסומים שונים, עם מקורות איראניים העלתה בימים האחרונים לערוץ הטלגרם שלה מסמכים אישיים של ישראלים שאוחסנו בשרתי חברה ישראלית הנתונה תחת מתקפה. לפי הודעת הפורצים, החברה סירבה לשלם כחצי מיליון דולר דמי כופר, ולכן הם החלו בהדלפת המסמכים. הקבוצה חשודה בפריצה בעבר לשרתי חברה ישראלית אחרת. הפורצים הדליפו לרשת חומרים מקצועיים ואף […]
Adversaries to call victims’ business partners as part of the next-level game-changers in ransomware
March 03, 2021 As published by BleepingComputer, in an attempt to pressure their victims into paying ransom, the ransomware gang REvil, also known as Sodinokibi, has announced its plan to call victim’s business partners as well as the media, threatening to release harmful and sensitive materials if the ransom is not paid. The REvil ransomware […]
The top cyber-attack vectors identified during the Covid-19 pandemic
February 23, 2021 According to a 2021 report published by CrowdStrike, supply chain attacks, ransomware, data extortion, and nation-state threats are some of the most commonly used cyber-attack vectors identified during the 2020 Covid-19 pandemic. The top industries affected by these attacks, specifically ransomware attacks that use data extortion tactics, were industry and engineering, manufacturing, […]
France joins US as victim of a “Solar Winds” type cyber attack
February 18, 2021 A report published by the French cyber security agency ANSSI in late January described a SolarWinds type of cyber-attack targeting the French monitoring software Centreon, breaching the security of several local organizations. The attack, which bears resemblance to a recent attack on the US government as part of a series of global […]
Shadow IT – להאיר את הצללים
משה דדוש, מנהל תחום תשתיות אבטחת מידע, טראסטנט
Infostealer Malware
Michael Wainshtain Technical Team Leader, TrustNet LTD
A recent increase in OAuth Office 365 phishing attacks identified by Microsoft
February 07, 2021 A few months ago Microsoft has warned of an increase in consent phishing attacks (also known as OAuth phishing attacks) that have been identified Between September and December 2020. These attacks targeted remote workers who, in light of the Covid-19 pandemic, have increased their use of apps that make extensive use of […]