hacking


Games without Frontiers

Be prepared for aggressive ransomware

What a couple of weeks of astonishing news we have had. Storms Dudley, Eunice and Franklin struck the UK with some considerable force causing serious travel, power and associated infrastructure issues – four days of power outages for many people in the sticks, withering out even a new Apple Mac …


Snack Attack

The world has gone nuts

Taking over today’s mainstream headlines is the forthcoming shortage of KP Snack foods including Hula Hoops, McCoys, Peanuts (Salted or Dry Roasted, alas not Jungle Fresh like Golden Wonder back in the day) and possibly to save you time even the King of nuts, Cashews. By way of a small …


You’ll Log

Logging around the Christmas week

Unless you have been attending too many Christmas lunches, dinners, drinks parties (like our fantastic ‘Friends Of Tiberium’ new office opening event), you will have seen the news that yet another piece of open source code running on Unix servers has been discovered to contain a critical bug which ‘could …


The Number Of The Beast

777 cyber incidents supported by the UK NCSC in the past 12 months

Last week the UK National Cyber Security Centre (NCSC, part of GCHQ) released its annual review, and very interesting reading it makes. With every passing year, the ‘hands on’ services of the NCSC increasingly support both the public and private sectors, announcing that this …


Pegasus

No Hippo-cracy evident in WhatsApp versus NSO court case

We have all heard about the infamous Israeli cyber security software company NSO Group, whose most infamous work is the mobile device spying software Pegasus. According to NSO, Pegasus software is allegedly only sold to “licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime”. …


Diamond Life – Smooth Operator

Diamonds are a geek’s best friend

You will no doubt have heard about the Russian ransomware gang called Conti (or something like that) which has spent the last year ransoming critical national infrastructure and national health services including the Irish Health and Safety Executive (HSE). Following a meeting between POTUS Biden and Vlad, where it is reported that …


Chapter 2: Classifying domains through string entropy

Introduction

This is the second blog in the ‘Classifying Malicious Domains’ series, which aims to give insight into how we at Tiberium use our knowledge of attackers’ techniques, tactics, and procedures to detect attacks before they occur. Today we’re going to talk about ‘dodgy’ looking domains – that is, a domain that looks more like a plate of alphabet soup than a bona fide website.

An early tl;dr …


Chain Gang

Microsoft has identified (more) Nation-State supply chain attacks

We all know about supply chain attacks, the most recent example being the Solarwinds/FireEye debacle in which parties third, outed as the Russian state-sponsored APT-29 group (also called Nobelium) by none other than the FBI and associated American Government departments (they have so many, it’s too confusing). The long and short of these …


Chapter 1: Classifying domains using RDAP

Using TTP-based intel to classify malicious domains

Introduction

This blog series will show how Tiberium harnesses intel around attackers’ tactics, techniques, and procedures to classify malicious domains as part of our FROST and MYTHIC 24/7 MSSP services. Preventative security is cool. Having the ability to think several moves ahead of an attacker, identifying their presence while they still think they are invisible, and manning the barricades …
