threat

Geopolitics and Cybersecurity Weekly Brief – 26 October 2020

Executive Summary: The US Treasury Department has issued sanctions against five Iranian entities, claiming that they attempted to influence the upcoming US 2020 presidential election: these include the Islamic Revolutionary Guard Corps (IRGC). Most recently Iran was blamed for an email intimidation campaign against Democrat voters in Florida. Continued election-related disruption attempts are expected regularly […]


IOCs – Gotta Catch ‘Em All?

What is an IOC? Indicators of Compromise, shortened to IOCs, are relatively varied, but generally constitute the URLs, domain names, and IP hashes (MD5, SHA256, SSDEEP) that are associated with a particular malware sample. When we analyse malware, we ‘extract’ the IOCs. In doing so, we want to establish what domains or IPs the malware


Geopolitics and Cybersecurity Weekly – 24 August 2020

Attacks and cybersecurity news: Japanese business technology organisation Konica Minolta was hit with a ransomware attack towards the end of July: its services were impacted for almost a week. Researchers obtained a copy of the ransom note and established that the attackers deployed RansomEXX. It is not believed that this malware steals user data before


Geopolitical and Cybersecurity Weekly – 27 July 2020

COVID-19 Cybersecurity Update: A study conducted by VMware Carbon Black has revealed that enterprises are reporting an increase in cyberattacks since restrictions on free movement have been implemented. There was a 92 per cent increase in COVID-19-inspired malware. Singapore saw a 43 per cent increase in the number of attacks; 67 per cent of them


Geopolitical and Cybersecurity Weekly – 20 July 2020

COVID-19 Cybersecurity Update: The US National Security Agency (NSA) and the UK National Cyber Security Centre (NCSC) have disclosed new information regarding Russian threat group APT29 targeting research organisations worldwide. The group is believed to operate on behalf of the Russian intelligence services. The campaign against organisations participating in coronavirus (COVID-19) vaccine development also targeted


Cyjax Geopolitical Podcast – June 2020 – The Blog

As measures put in place to combat and slow the spread of COVID-19 become a part of everyday life, Cyjax CISO, Ian Thornton-Trump, and Head of Editorial, Tristan de Souza, are virtual once again. The seventh instalment of the Cyjax Geopolitical Podcast covers the “shocking” (in Ian’s words) story of over 30 million Chrome users



Two-Factor Fail: Analysis of a modern phishing kit

Introduction: Our team was recently alerted to a well-made phishing page targeting a large UK bank. During our investigation we found that this page was part of a larger “multi-part” phishing kit that did not function as common phishing kits do, instead using a central control panel. We were able to obtain the source code


COVID-19 Critical Infrastructure Cyber Threat Brief

The full Cyber Threat Brief for Critical Infrastructure can be downloaded here. There has been a significant uptick in cyberattacks exploiting fear of the coronavirus to compromise victims. Notably, however, there has not been a surge in the total number of attacks. Instead, existing cybercriminal operations have been rethemed with COVID-19 lures. Attackers have not


Special delivery: common malware propagation methods

In this post, we hope to demystify some of the most common malware delivery methods that modern threat actors use to deliver their malicious payloads. Understanding how these methods work is essential to spotting malicious activity in your organisation and potentially saving both money and time spent on recovery. This is by no means an

