Security

Vigilante(s?) Troll Emotet Malware

Suspicious Link, a malware research Twitter personality who follows suspicious links, tweeted about a recent discovery. Someone is replacing Emotet payloads with gifs of James Franco. To explain this phenomenon...

Security

How Law Firms Can Defend Against Accidental Emails

The sad truth is, most of us have experienced a Homer Simpson moment when we realize we’ve mistakenly sent an email to the wrong person. It’s pretty much inevitable, really, when you consider email is the backb...

Security

900 Pulse Secure VPN Servers Exposed

Russian-speaking hacker forums have a list of a list of plaintext usernames, passwords, and IP addresses. ZDNet along with multiple sources in the cyber-security community verified the list’s authenticity. The ...

Alerts

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all refere...

Security

Reduce Business Risk with Security Awareness Training

It’s a safe bet that when Benjamin Franklin coined his famous maxim, “An ounce of prevention is worth a pound of cure,” he wasn’t presciently addressing today’s IT professionals (he was clever, but not that cle...

Alerts

AA20-225A: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails

Original release date: August 12, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administratio...

Alerts

AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

Original release date: July 27, 2020 Summary This is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (N...

Alerts

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Original release date: July 24, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are v...

Alerts

AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Original release date: July 23, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise a...

Alerts

AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation

Original release date: July 16, 2020 Summary This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and Pre-ATT&CK frameworks. See the MITRE ATT&CK ...