Author name: Cymon

Phishing campaigns continue to increase globally. These operations offer an easy route for cybercriminals to generate revenue, steal credentials and spread malware. Cyjax has recently investigated a sophisticated, large-scale phishing campaign that exploits the reputation of international, trusted brands, and targets businesses in multiple verticals including retail, banking, travel, pharmaceuticals, travel and energy. We are […]

Kevin McMahon, CEO of Cyjax Limited, discusses the ever-looming threat of cyberattacks facing small and medium-sized businesses today. In March 2021, an important new report on national defence and foreign policy in the UK was published – ‘Global Britain in a Competitive Age’.1 While in the report there is a focus on traditional forms of

The Snatch ransomware operators, a group that began operating in 2019 and disappeared in 2020, has resurfaced after almost a year of silence. The group has created a new leaks blog and has already added 10 new victims. They are also one of the multiple groups about which Native American tribes have been warned. An

In the Americas, the world’s largest meat supplier, Brazil-headquartered JBS, announced that it had paid hackers approximately USD11m, reportedly in Bitcoin, to end a major ransomware attack affecting its computer networks in North America and Australia. San Francisco-based cloud computing services provider Fastly said that a global internet outage affecting major corporate and government entities was caused

Phishing is nothing new: it has been around in some form since the earliest days of the internet and before – even postal mail had its own forms of phishing (and still does). Since the turn of the millennium, however, online services have boomed, creating an ever-increasing pool of targets for convincing phishing lures intended

Shodan is an extremely useful tool for checking what devices your network may have listening on the Internet, or for getting an idea of the overall exposure of a type of database or device. We can also use Shodan to find databases that have been routed to the Internet by mistake or databases that do not have any kind

Executive Summary Cyber threat actors are expected to increase their attacks as the 2020 US Presidential Election approaches. In its first HTA annual report, the US Department of Homeland Security (DHS) disclosed that unknown threat actors targeted the US Census network throughout 2019. The DHS expects state-sponsored attackers from China, Russia, Iran and North Korea

Executive Summary  This week government departments and industry bodies continued to warn about the ZeroLogon vulnerability (CVE-2020-1472). In the US, federal departments were given until 21 September to apply patches. Servers that could not be secured were taken offline and removed from government networks. Three days later, Microsoft Threat Intelligence Center (MSTIC) warned attackers were actively leveraging Windows Server ZeroLogon exploits.

What is an IOC? Indicators of Compromise, shortened to IOCs, are relatively varied, but generally constitute the URLs, domain names, and IP hashes (MD5, SHA256, SSDEEP) that are associated with a particular malware sample. When we analyse malware, we ‘extract’ the IOCs. In doing so, we want to establish what domains or IPs the malware