Blog

January 20, 2022

Fallout from Log4Shell-related Vietnamese Cryptocurrency Exchange Attack: KYC Data for Sale on Dark Web

Introduction: Since its discovery at the end of 2021, Log4Shell – a zero-day vulnerability affecting Apache’s Log4j...

January 19, 2022

Technical Indicators of Ukrainian Website Defacements

Overnight on Thursday January 13th, a number of Ukrainian government websites were defaced. Below we have outlined the technical...

January 17, 2022

Resources for DFIR Professionals Responding to WhisperGate Malware

Overview: On Saturday January 15th, Microsoft released a blog titled “Destructive malware targeting Ukrainian organizations”....

January 10, 2022

Abcbot - An Evolution of Xanthe

Overview: Abcbot, the emerging botnet that we recently analyzed and reported on, has a longer history than we first thought....

January 6, 2022

Our Take: Four Cloud Security Predictions for 2022

2021 was far from ordinary. Cybersecurity remained front and center after numerous high-profile breaches and vulnerabilities...

December 21, 2021

The Continued Evolution of Abcbot

A new version of a malicious shell script targeting insecure cloud instances running under Cloud Service Providers such as...

December 14, 2021

Analysis of Novel Khonsari Ransomware Deployed by the Log4Shell Vulnerability

By Matt Muir. Overview: As previously reported, a recently-discovered critical vulnerability (CVE-2021-44228) in Apache’s...

December 13, 2021

Analysis of Initial In The Wild Attacks Exploiting Log4Shell/Log4J/CVE-2021-44228

Introduction: Log4J is an open-source logging platform running on Java and built into many web platforms. Public reports...

December 6, 2021

How to add Forensics to your SIEM and Start Automating Investigations

By Adam Hillel and Katerina Tiddy. SIEM platforms are a key part of an organization’s security operations. A SIEM centralizes...

November 16, 2021

New ESG Research Reveals 89% of Companies Negatively Impacted by Cloud Cyber-Attacks Prior to Full Investigation

We’re excited to unveil new cloud digital forensics research in collaboration with ESG. As cloud attacks continue to...