Under Attack? Breach Response Hotline: Call 833.997.7327


With more than 15 years’ experience in cyber counterintelligence, we have learned to approach cybersecurity differently, and more effectively, than other companies. Browse our case studies, expert insights, Ask the Expert series and more to see why so many organizations choose us to protect their systems when the worst happens.

LockBit Recruiting Insiders for Millions
23 August 2021
LockBit ransomware operators are looking to recruit insiders from corporate companies to assist them with breaches and encryption of data. For those who...
27 US Attorneys' Offices Breached in SolarWinds Attack
23 August 2021
The US Department of Justice revealed Microsoft Office 365 email accounts of employees of 27 US Attorneys’ offices were breached during the SolarWinds...
grief ransomware st. louis mo
DoppelPaymer Rebrands to Grief Threat Group
02 August 2021
Yet again, we’re seeing similarities between a defunct group and a new group. Following the Colonial Pipeline breach where most of the general public...
black matter ransomware st. louis mo
New Ransomware Appears: BlackMatter & Haron
29 July 2021
These two ransomware variants are either new or old REvil & Darkside rebrands. Both are looking for high-profile targets to receive financial gain. As...
avoslocker ransomware 2
New ‘AvosLocker’ Ransomware Targets Ohio City
27 July 2021
Officials reported Monday that Geneva, a small city in Ohio, was the victim of a data breach involving a new type of ransomware called AvosLocker. The...
global security
Global Security Operations Lead The Way
27 July 2021
Global Security Operations continue to lead the way when responding to major security breaches that impact virtually every market segment in a post-covid...
Cloud Platform
Operational Technology Vulnerabilities Discovered in Cloud Platforms
27 July 2021
Leading cloud-management platforms can be used to attack critical ICS vulnerabilities. The advantages of employing a cloud-based management platform...
Kaseya Gets Universal Decryptor for REvil Victims
27 July 2021
Kaseya has received a universal decryptor that allows victims of the July 2nd REvil ransomware attack to recover files at no cost. Kaseya says they’ve...
cisa warning malware undetected st. louis mo
CISA Warning: PulseSecure Device’s Malware Goes Undetected
27 July 2021
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning today that over a dozen malware variants were found on exploited Pulse...
Popular CVEs Among Threat Actors
27 July 2021
From an examination of cybercrime forums between January 2020 and March 2021, Cognyte found these vulnerabilities to be most shared among threat actors. Although,...
SpearTip Adds Principal Consultant, Tim Reboulet
27 July 2021
SpearTip is excited to introduce one of the newest members of our team, Principal Consultant, Tim Reboulet. Tim Reboulet has over 20 years of international...
HelloKitty Ransomware Exploiting VMware ESXi Servers
27 July 2021
HelloKitty ransomware operators are now targeting VMware ESXi servers using a Linux variant. VMware has catered to virtual machines for better backup...
SpearTip Finds New Diavol Ransomware Does Steal Data
27 July 2021
Security researchers have linked a new ransomware strain called Diavol to the Wizard Spider threat group behind the Trickbot botnet. BleepingComputer noted...
Kaseya Phishing Campaign Targets Victims Awaiting Security Patches
27 July 2021
The entire cyber industry was put to the test over the Fourth of July weekend after Kaseya was breached and ransomware was deployed on at least 60 MSPs...
Copy of Site PhotoPP (39)
Kaseya VSA Servers - Ransomware Attack Update
04 July 2021
REvil operators likely planned this attack on Kaseya VSA servers knowing the Fourth of July weekend was approaching. With many companies short-staffed...
Kaseya Ransomware
Kaseya VSA Users Under Ransomware Attack
02 July 2021
SpearTip's engineers have become aware of an urgent ransomware attack in progress affecting Kaseya VSA. The only way to prevent breaches is to block Kaseya...
Copy of Site PhotoPP (30)
Preventing the Critical PrintNightmare Vulnerability
01 July 2021
A PoC (Proof-of-Concept) of a critical windows vulnerability was published on GitHub this week and taken down within hours, but the code was copied and...
Copy of Site PhotoPP (27)
New Ransomware, Hive, Releases First Victim's Data
28 June 2021
After a June 14 breach, Altus Group’s files were just leaked on the new Hive ransomware group’s leak site. At the time of the breach, email communications...
Copy of Site PhotoPP (25)
REvil Remains Persistent Through Global Pressure
24 June 2021
Avaddon handed over the decryption keys and retired, Cl0p ransomware affiliates were arrested, but REvil has remained very active amidst global pressure...
Copy of Site PhotoPP (24)
New Ransomware, DarkRadiation
22 June 2021
Security researchers have identified a new strain of ransomware by the name of “DarkRadiation”. The ransomware is implemented in Bash and targets Linux...
1 2 3 4 11

Total Economic Impact™ Of SpearTip ShadowSpear