The Securonix Threat Research Team (STR) is actively investigating the details of the critical targeted Wastedlocker ransomware attacks that reportedly already exploited more than 31 companies, with 8 of the victims being Fortune 500 companies, to help our customers detect,...

The Securonix Threat Research team has recently been observing a number of new attacks/ security issues reported involving different remote workforce teleconferencing applications (TA), including Zoom, Cisco Webex, and Microsoft Teams. Some examples of the attacks/exploits reported include Zoom UNC...

In recent weeks, as many businesses have been rushing to institute a shift to remote work due to the COVID-19/coronavirus situation, we have been observing malicious threat actors attempting to exploit an increasing number of the associated cyberattack vectors. Download...

The Securonix Threat Research Team has been actively investigating the details of recent, critical targeted ransomware attacks against healthcare and data center cloud and managed service providers (MSP) that have been reported over the past couple of weeks. These attacks...

The Securonix Threat Research Team has been closely monitoring the LockerGoga targeted cyber sabotage/ransomware (TC/R) attacks impacting Norsk Hydro (one of the largest aluminum companies worldwide), Hexion/Momentive (a chemical manufacturer), and other companies’ IT and operational technology (OT) infrastructure, causing...

In recent months, we have been observing an increase in the number of automated attacks targeting exposed cloud infrastructure/Hadoop/YARN instances. Some of the attacks we have been seeing – for example, Moanacroner (a variant of Sustes) – are fairly trivial,...

The data breach suffered by British Airways earlier this year affected around 380,000 customers and resulted in the theft of customer data including personal and financial details. The attack was highly targeted and utilized customized JavaScript/digital card skimmers loaded from...

The KRONOS malware was first discovered in June 2014 as a Banker Trojan available for purchase in a Russian underground forum for $7,000. After staying dormant for few years, a new variant of KRONOS, known as Osiris, was discovered in...

The Securonix Threat Research team recently learned of a new high-profile cyber attack targeting SWIFT/ATM infrastructure of Cosmos Bank (COSDINBB), a 112-year old cooperative bank in India and the second largest in the country, resulting in over US$13.5 million stolen.

The GandCrab ransomware attacks are some of the most prevalent ransomware threats of 2018. In recent months, the GandCrab attackers were able to infect more than 50,000 victims and generate more than $600,000 in ransom payments from victims. Securonix Threat...

Cryptojacking is the unauthorized use of someone else’s computer to secretly mine cryptocurrency (also known as virtual or digital currency). According to a recent report from Fortinet, Cryptojacking attacks impacted over 28 percent of companies this year, a spike representing...

SamSam is a prevalent ransomware that has been observed across multiple industries including healthcare, government, and critical infrastructure/ industrial control systems (ICS) in 2016, 2017, and 2018. In March, the ransomware targeted five of the Atlanta’s thirteen local government departments...