by Fortify Security Team | Oct 23, 2021 | Research
While Conti is considered a ransomware-as-a-service (RaaS) model ransomware variant, there is variation in its structure that differentiates it from a typical affiliate model. It is likely that Conti developers pay the deployer’s of the ransomware a wage rather...
by Fortify Security Team | Sep 8, 2021 | Advisories, Situational Awareness
Hive ransomware, which was first observed in June 2021 and likely operates as an affiliate-based ransomware, employs a wide variety of tactics, techniques, and procedures (TTPs), creating significant challenges for defense and mitigation. Hive ransomware uses multiple...
by Fortify Security Team | Aug 31, 2021 | Open Source News
Title: Cyberattacks Use Office 365 to Target Supply Chain Date Published: August 31, 2021 Cyberattacks Use Office 365 to Target Supply Chain Excerpt: “Supply chain cyberattacks involving Office 365 are effective in that they enable threat actors to bypass some...
by Fortify Security Team | Aug 30, 2021 | Open Source News
Title: New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305) Date Published: August 30, 2021 https://unit42.paloaltonetworks.com/cve-2021-32305-websvn/ Excerpt: “Analysis of this malware reveals that it is used to perform distributed denial...
by Fortify Security Team | Aug 27, 2021 | Open Source News
Title: Microsoft Azure Vulnerability Exposed Thousands of Cloud Databases Date Published: August 27, 2021 Microsoft Azure vulnerability exposed thousands of cloud databases Excerpt: “The flaw would have allowed any Azure Cosmos DB user to read, write and delete...
