Brian Krebs writes about how the Zeppelin ransomware encryption scheme was broken: The researchers said their break came when they understood that while Zeppelin used three different types of encryption keys to encrypt files, they could undo the whole scheme by factoring or computing just one of them: An ephemeral RSA-512 public key that is […]
Cyber News, Cyber Threat Trends
The ability for employees to work remotely comes with many benefits, from better work-life balance to lower expenses to higher productivity. But a widely dispersed workforce can pose some great challenges for security teams, not least of which is how remote work affects security incident reporting. With companies growing more accustomed to implementing security technologies […]
Cyber News, Cyber Threat Trends
Google has won a lawsuit filed against two Russian nationals in connection with the operation of a botnet called Glupteba, the company said last week. The U.S. District Court for the Southern District of New York imposed monetary sanctions against the defendants and their U.S.-based legal counsel. The defendants have also been asked to pay Google’s attorney […]
Cyber News, Cyber Threat TrendsFifth of portfolio companies feature “zero tolerance findings”
Cyber News, Cyber Threat TrendsSeveral of the men diverted funds intended for hospitals
Cyber News, Cyber Threat TrendsResearchers also discover two additional new variants
Cyber News, Cyber Threat Trends
Google Cloud last week disclosed that it identified 34 different hacked release versions of the Cobalt Strike tool in the wild, the earliest of which shipped in November 2012. The versions, spanning 1.44 to 4.7, add up to a total of 275 unique JAR files, according to findings from the Google Cloud Threat Intelligence (GCTI) team. The latest […]
Cyber News, Cyber Threat Trends
ACM.117 Avoid unnecessary charges by stopping AWS EC2 instances when not in use In the last post we considered how someone might bypass the controls we created for user-specific VMs. User-Specific EC2 Instance Now what if we wanted to automatically stop the VM after it has been created? It doesn’t need to be running until the […]
Cyber News, Cyber Threat Trends
ACM.116 Other security controls and policies to consider for user-specific EC2 instances This is a continuation of my series on Automating Cybersecurity Metrics. Code in the last post automatically stops a VM after deploying it to help save money when resources are created before they are needed for use. https://medium.com/@2ndsightlab/automatically-stop-vms-on-aws-792cded54578 Now that we have deployed our […]
Cyber News, Cyber Threat Trends