Ransomware
LockBit Hacker Sentenced To 4 Years Jail Plus Fined $860K
Recent reports about legal proceedings, a 34-year-old Russian-Canadian national, Mikhail Vasiliev, has been handed a sentence of almost four years in Canadian prison. Vasiliev’s involvement in the global ransomware scheme known as ...
RaaS Groups Go Recruiting in Wake of LockBit, BlackCat Takedowns
The effects of the recent high-profile disruptions of LockBit’s and BlackCat ransomware operations by law enforcement agencies are rippling through the dark web, with smaller threat gangs looking to scoop up the ...
T-O-X-I-N-B-I-O – Ransomware Recruitment Efforts Following Law Enforcement Disruption
Contributors: Jason Baker, Senior Threat Intelligence Consultant; Drew Schmitt, Practice Lead, GRIT This blog expands on observations made as part […] ...
Zero-Trust Network Access: Why so Many Teams Get it Wrong
Zero-trust encompasses a variety of technologies, from strong identity systems to microsegmentation. Why are so many organizations getting it wrong? ...
GRIT Ransomware Report: February 2024
Additional contributors to this report: Nic Finn, Jason Baker, Justin Timothy, Ryan Silver February 2024 was an utterly chaotic month […] ...
Guarding Your Business: A Guide to Employee Training for Cybersecurity Vigilance
Protecting your business from scams and cybersecurity threats not only bolsters your business’s practices but also maintains your client’s trust. Without these safeguards, your business could fall victim to irreversible issues like ...
Threat Groups Rush to Exploit JetBrains’ TeamCity CI/CD Security Flaws
The cyberthreats to users of JetBrains’ TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that ...
BianLian GOs for PowerShell After TeamCity Exploitation
Contributors: Justin Timothy, Threat Intelligence Consultant, Gabe Renfro, DFIR Advisory Consultant, Keven Murphy, DFIR Principal Consultant Introduction Ever since Avast […] ...
Response to ScreenConnect’s Recent Zero-day Vulnerability Exploitation
AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploits affecting ConnectWise’s ScreenConnect software. This assessment template comprises the various Tactics, Techniques, and Procedures (TTPs) ...
Change Healthcare Gets Pharmacy Systems Up After Ransomware Attack
There is some relief coming for beleaguered pharmacies, hospitals, and patient now that UnitedHealth Group has the electronic prescribing systems for its Change Healthcare business up and running after being down for ...