Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at eCrime 2024 in Boston, Massachusetts, USA. The event runs from September 24 through 26, 2024, and my keynote is at 8:45 AM ET on the 24th. I’m briefly speaking at the EPIC Champion of Freedom Awards in Washington, D...
LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice (DoJ) wit...
Hive Pro Announces Relocation and Expansion of Headquarters to Support Growing Cybersecurity Demand
New Headquarters to Catalyze Innovation and Strengthen Commitment to Customer Success July 19, 2023 - HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market is thrilled to announce its upcoming corporate relocation to a new state-of-the-art headquarters in Herndon, Virginia. Th...
U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer
A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important...
‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks
A new-ish threat actor sometimes known as “Tortilla” is launching a fresh round of ProxyShell attacks on Microsoft Exchange servers, this time with the aim of inflicting vulnerable servers with variants of the Babuk ransomware. Cisco Talos researchers said in a Wednesday report that they spotted...
Babuk Ransomware Builder Mysteriously Appears in VirusTotal
The Babuk ransomware gang’s source code has been uploaded to VirusTotal, making it available to all security vendors and competitors. It’s unclear however just how that happened. According to a Wednesday posting from Malwarebytes, the operators of the ransomware – perhaps best-known for hitting t...
Babuk Ransomware Gang Mulls Retirement
Just a few days after hackers bragged about purportedly raiding the computer systems of the Washington D.C. Metropolitan Police Department (MPD) and doxxing what looked like its data, the Babuk ransomware-as-a-service (RaaS) gang prepared a goodbye note saying that they’re hanging up its spurs...
US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack
The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with "high confidence" to government operatives working for Russia's Foreign Intelligence Service (SVR). "Russia's pattern of malign behaviour around the world – whether in...
Phantom Acquisition Lets Splunk SOAR
At the SplunkLive! Conference in Washington, D.C., Splunk gave a presentation on Phantom, a Security Orchestration, Automation, and Response (SOAR) system. Splunk acquired Phantom this year for $350 million...
Twenty Years of Network Security Monitoring: From the AFCERT to Corelight
I am really fired up to join Corelight. I’ve had to keep my involvement with the team a secret since officially starting on July 20th. Why was I so excited about this company? Let me step backwards to help explain my present situation, and forecast the future. Twenty years ago this month I joined...
AWS Public Sector Summit 2017: Cloud Super Powers and Security
Coalfire recently returned from the Amazon Web Services (AWS) Public Sector Summit, held in Washington, D.C., which addresses some of the most pressing issues today's leaders face around security, governance and compliance, and more. While Coalfire has attended the show in the past, we were especial...
Tracing Spam: Diet Pills from Beltway Bandits
Reading junk spam messages isn't exactly my idea of a good time, but sometimes fun can be had when you take a moment to check who really sent the email. Here's the simple story of how a recent spam email advertising celebrity "diet pills" was traced back to a Washington, D.C.-area defense...
New Call to Regulate IoT Security By Design
A Washington, D.C. think tank whose mission is critical infrastructure security has joined the call for lawmakers to consider regulating the security of connected devices. In a report published this week, the Institute for Critical Infrastructure Technology pinned the blame for a rash of Mirai...
Brian Donohue on the NSA Panel Report
Dennis Fisher talks with Brian Donohue, Threatpost’s Washington, D.C. writer, about the new report from the NSA reform panel and whether any of the recommended changes will ever be implemented...
California issued cease and desist order against Bitcoin Foundation
The Bitcoin Foundation has received a cease-and-desist letter from the California Department of Financial Institutions, which oversees banks, credit unions, and other financial organizations operating in the state. Jon Matonis, who is a board member at the Foundation, revealed the letter on Forbe...
Popular WordPress Themes, Plug-Ins Vulnerable to Attack
Since late March, no fewer than a half-dozen high profile attacks have involved a compromised website built on the WordPress platform. Attackers abuse vulnerabilities in the content management system’s customizable plug-ins and themes to pull off anything from drive-by downloads to watering hole...
65 Sites Compromised in ZeroAccess Trojan Attacks
As many as 65 websites have been compromised in an attack that has snared another Washington, D.C.-area media website as well as a number of travel and leisure sites. While the sites aren’t topically related, they’re all hosting advertisements injected with malicious code hosted on...
Hacked Media Sites Serving Fake AV Malware
Websites belonging to a number of Washington, D.C.-area media outlets have been compromised in a series of opportunistic attacks with criminals using a watering-hole tactic to spread scareware, or phony antivirus software. Popular D.C. radio station WTOP, sister station Federal News Radio, and th...
Council on Foreign Relations Website Hit by Watering Hole Attack, IE Zero-Day Exploit
UPDATE – Another high profile watering hole attack has been discovered, this one targeting visitors to the Council on Foreign Relations website. The CFR is a Washington, D.C.-based think tank that provides foreign policy and foreign affairs resources to government officials, journalists, and...