In this report, Armor's Amer Elsad takes a deep dive into the Grief operation and its development since it was first observed in July 2017 as BitPaymer, and compares the different variants and partnerships with other threat actors and ransomware groups.
Bah Humbug – Nasty Active Directory Exploits Call for Immediate Patching New attacks reinforce importance of rigorous updates in wake of Log4Shell As the Log4j threat continues to unfold, there is yet another “humbug” that should be top-of-mind for businesses as we enter the throes of the holiday season. The Armor team is closely monitoring […]
We’re continuing our blog series about Living-off-the-Land (LotL) attacks by focusing on a particularly fast-moving malware called Astaroth. Click here to view the first post, which goes into the characteristics of LotL binaries and how they work. First spotted in the wild in 2017, Astaroth is a highly prevalent, information-stealing Latin American banking trojan. It […]
Cyber trends tend to come and go, but one popular technique we’re seeing currently is the use of living-off-the-land binaries. The concept of “living off the land” (LotL) was first introduced by Christopher Campbell and Matt Graeber at Derbycon 3.0 (2013) and refers to attacker behavior when they use any binary supplied by the operating […]
Armor, a global cloud security solutions provider, has identified 6 new Managed Service Providers (MSPs) and/or Cloud-Based Service Providers that have been compromised by ransomware, bringing the total number of publicly identified MSPs / Cloud-Based Service Provider victims in 2019 to 13. 6 New Ransomware Victim MSPs and/or Cloud-Based Service Providers Identified. They include: SchoolinSites—Saraland, […]
Armor identifies 15 new ransomware victims including healthcare, education and municipalities.
Update 9.26.19 Since the original publication of this report on Friday, September 20 the following 5 schools have also come forward as victims of ransomware attacks, for a total of 15 schools in the past two weeks. A total of 54 education victims, potentially impacting over 500 individual K-12 schools have been reported in the […]
Update Tuesday, September 3, 2019: to reflect new victims identified by Armor As of today, Armor’s Threat Resistance Unit (TRU) security team has identified four new ransomware victims since Friday, August 30 bringing the total to 17 new ransomware victims in the past 11 days. Ten of them are school systems. Education officials across the […]
Updated as of 10:30 am CST, August 22, 2019 Armor Identifies Seven New Victims in Statewide Ransomware Attack After identifying the cities of Keen and Borger, Texas as victims of the mass ransomware attack which hit Texas on August 16th, cloud security solutions provider Armor has identified seven new victim organizations. They include: Wilmer, TX Lubbock […]
Last Updated: 5/29/2019 Eric Sifford, security researcher with Armor’s Threat Resistance Unit (TRU), found new tweets on Saturday, May 25, 2019 and on Tuesday, May 28, 2019 from a Twitter account, which appears to be connected to the City of Baltimore ransomware attackers. Both tweets were directed squarely at Baltimore’s mayor, Bernard C. “Jack” […]