by Fortify Security Team | Oct 23, 2021 | Research
While Conti is considered a ransomware-as-a-service (RaaS) model ransomware variant, there is variation in its structure that differentiates it from a typical affiliate model. It is likely that Conti developers pay the deployer’s of the ransomware a wage rather...
by Fortify Security Team | Jul 21, 2021 | Industry News
Title: Groundhog Day: Npm Package Caught Stealing Browser Passwords Date Published: July 21, 2021 https://blog.secure.software/groundhog-day-npm-package-caught-stealing-browser-passwords Excerpt: “It isn’t malicious by itself, but it can be when put into the malicious...
by Fortify Security Team | May 22, 2021 | Industry News
Title: Wormable Windows HTTP Vulnerability Also Affects WinRM Servers Date Published: May 22, 2021 https://www.bleepingcomputer.com/news/security/wormable-windows-http-vulnerability-also-affects-winrm-servers/ Excerpt: “It also impacts Windows 10 and Server devices...
by Fortify Security Team | Apr 26, 2021 | Situational Awareness
The Federal Bureau of Investigation (FBI) and US Department of Homeland Security (DHS) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—will continue to seek...
by Fortify Security Team | Mar 16, 2021 | Research
FBI reporting has indicated a recent increase in PYSA ransomware targeting education institutions in 12 US states and the United Kingdom. PYSA, also known as Mespinoza, is a malware capable of exfiltrating data and encrypting users’ critical files and data stored on...
