The Impact of the FireEye Breach

The FireEye hack is a regrettable event that will likely cause significant issues for US companies and governmental agencies. The threat actors behind the FireEye compromise targeted FireEye’s internally developed red team tools. FireEye used these custom tools and exploits to conduct penetration testing on organizations to expose vulnerabilities within networks. Although FireEye claims that […]

International Computer Security Day

Cyber Monday falling on the same day as International Computer Security Day is ironic, to say the least. Our world has become so digital that it is sometimes difficult to keep up. Now, more than ever, it is critical to have a basic understanding of computer security. In the late 1980s, the first computer virus was […]

Welcome to the DarkSide

DarkSide, a new ransomware group discovered on August 10, 2020, has begun gaining traction due to recent ransomware attacks across the United States. Based on currently available information, DarkSide is unusual in that it refrains from targeting the medical, education, non-profit, and government sectors. This decision is crucial as COVID-19 […]

The Desolation of Smaug Ransomware

SaaS, PaaS, IaaS, well, what about RaaS? RaaS stands for Ransomware-as-a-Service. Threat actors can employ a RaaS provider to gain access to its ransomware infrastructure. Smaug Ransomware, one of the latest strains of ransomware, is taking advantage of the RaaS model. Threat actors can use Smaug’s infrastructure via a Dark Web Onion site to download […]

Garmin Attack Further Challenges Boundaries of Ransomware Payments

News of the WastedLocker Ransomware attack on Garmin, the GPS and aviation specialist, continues to spread. According to reports, Garmin originally contacted the primary ransomware payment negotiation firm in the industry, who immediately declined to transact the payment due to the U.S. Treasury sanctions issued by the Office of Foreign Assets Control (OFAC). Garmin then […]

Introducing the Newest Horror: Exorcist Ransomware

On July 21st, a new ransomware variant dubbed Exorcist Ransomware was discovered. This ransomware is unique due to its ability to scan keyboards and their setups upon entering the environment. Specifically, this variant looks at the locale of the machine before running the encryption process. Russian-based machines will make the malware […]

Okay, Google – Can You Help Me Build Ransomware?

According to BleepingComputer.com, a Google employee created an encryption tool called AgeLocker to encrypt files. This tool was recently used in part to push out a ransomware attack. Examination of the attack revealed that a link within the encrypted files sent you to a GitHub posting where a utility called ‘Age’ was created by a current […]

A Ransomware Attack is as Important as Your Health

The healthcare industry continues to be one of the most popular targets for cybercriminals. Across the globe, healthcare companies hold sensitive information for millions of people, which gives criminals an incentive to perform one large sweep to get the most value out of their attack. This data also continues to hold value on the dark […]

IT Company Hit With Ransomware Attack

The Managed Service Provider (MSP) Cognizant, located in Teaneck, New Jersey, was the victim of a recent ransomware attack presumed to be carried out by the ransomware group Maze. After this attack, Cognizant had to frantically notify its clients to disconnect from the network to avoid any further damage. Immediate disconnection from the IT powerhouse […]

Ransomware You Probably Didn’t Know About

Ransomware groups continue to innovate with new ways of locking down environments. SpearTip has analyzed several new approaches over the last several weeks. One of the latest ransomware projects is Java-based ransomware. This ransomware has been observed “in the wild” but not yet on a widespread basis. Java-based ransomware is difficult for many […]