Attacks

While it isn’t necessarily a novel tactic to utilize legitimate resources to aid in phishing campaigns, it is an effective one. Often when an end-user receives a phishing email from a legitimate source such as Adobe Sign, it makes them much more likely to fall for it as many users don’t know how to properly identify a phishing email. Many times, training around phishing states to look for things such as a suspicious title, suspicious…

Read More

Phishing techniques have a high prevalence in the current threat landscape and are often employed as an initial attack vector by threat groups. Archive files hiding malicious payloads are also frequently utilized by threat groups. Additionally, YoroTrooper makes use of open source and on-the-market tools to make attribution more difficult. However, these tactics also present an opportunity for defenders and researchers to develop detections for an attacker’s toolkit by focusing on open source offensive tools.…

Read More

Customers of Latitude Financial should consider taking the following steps to reduce the chance of further damage occurring as a result of the breach. 1. Monitor financial accounts: Check bank and credit card statements regularly to ensure that there are no unauthorized transactions. If any suspicious activity is noticed, it should be reported immediately. 2. Change passwords: Although Latitude has stated that no passwords were compromised in the attack, it is always a good practice…

Read More

One of the best methods to prevent brute force attacks from succeeding is to have strong passwords implemented across all systems. Creating passwords that are 20+ characters in length, with a random mix of uppercase and lowercase characters, special characters, and numbers is an efficient way to prevent a brute force attack from allowing a malicious user to gain access to a system. Limiting login attempts is another way to prevent brute force attacks from…

Read More

To protect best against a campaign such as this, it is recommended to provide user education into common phishing tactics as well as overall emerging cybersecurity risks and vulnerabilities. It is important to employ a defense-in-depth strategy to detect this activity at a different portion of the attack chain, such as detecting lateral movement or reconnaissance activity. Binary Defense’s MDR and Threat Hunting services are an excellent solution to assist with such a program. https://www.bleepingcomputer.com/news/security/medusa-ransomware-gang-picks-up-steam-as-it-targets-companies-worldwide/

Read More

While typically it is recommended to maintain good threat intelligence and an adequate patching schedule, neither of these recommendations would apply in this case as this vulnerability was exploited as a 0-day prior to the patch that was released in February. The best defense against 0-day vulnerabilities is to employ a defense-in-depth strategy. While it won’t stop the 0-day, employing this strategy makes it much more likely to detect the attack at an earlier step…

Read More