Blog

WEBINAR: Is Zero Trust Possible in a Remote Work Scenario?

Organizations worldwide have moved to remote work scenarios in response to the COVID-19 pandemic. Moving to a remote workforce has presented CIOs and CISOs with key challenges surrounding the traditional perimeter security model. During this time, the health and safety of your enterprise workforce is paramount, but we know that security cannot take a back seat. In this webinar, we...
May 1, 2020
Threat Advisory Update: Emotet Botnet Shows Signs of Life & COVID-19 Phishing Campaigns Target Healthcare

The Emotet botnet has begun to show signs of life after months of inactivity. The E2 portion has started deploying credential and email stealing modules. It is believed that this could be a preparation step for a new spam campaign. During the downtime, the operators behind Emotet have redesigned it and some of the modules it uses. New features include...
April 22, 2020
Threat Advisory: NSA, ASD Release Guidance for Mitigating Web Shell Malware

The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have jointly released a Cybersecurity Information Sheet (CSI) on mitigating web shell malware. Malicious cyber actors are increasingly deploying web shell malware on victim web servers to execute arbitrary system commands. By deploying web shell malware, cyber attackers can gain persistent access to compromised networks. The CSI provides...
Threat Advisory: Re-Emergence of the Maze Ransomware

Herjavec Group continues to track COVID-19 related cyberattacks. We have a complete threat advisory tracking various threats, malware types, as well as a summary of IOCs and domains specific to COVID-19. The full advisory can be found here. The Maze ransomware was initially discovered in May 2019, and since then the attack frequency has increased and the group behind it...
April 20, 2020
Security Best Practices for Your Organization’s Video Conferencing Platform

As COVID-19 shifts organizations globally to remote work, there has been an inevitable increase in the use of video conferencing and team collaboration tools such as Zoom, Skype, Microsoft Teams, and WebEx. Threat actors are exploiting publicly known vulnerabilities in these remote work collaboration & communication tools to spread malware and gain access to restricted, private meetings. The Federal Bureau...
April 17, 2020
Cybersecurity CEO: Insider Threat Rises Sharply Amidst New COVID-19 Workplace

Employees working from home intensifies cyber risk – Robert Herjavec Los Angeles, Calif. – April 15, 2020 Your CFO is working from home now. That’s just one of how many remote privileged users with keys to your kingdom outside of the corporate office. If that doesn’t raise a red flag in your head, then it should… We all know that...
April 16, 2020
Herjavec Group’s Threat Summary Analysis – Q1 2020

Herjavec Group’s Threat Management Team leverages this Quarterly Threat Summary to provide an overview of the most common threats and vulnerabilities seen in customer environments in recent months. In our Q4 2019 Threat Summary, our team noted a rise in ransomware attacks, major vulnerabilities across security technologies, and threat group activity. In Q1 2020,...
April 9, 2020
Threat Advisory: SMS Phishing Cyber Attacks & Telework Exploits

Herjavec Group continues to track COVID-19 related cyberattacks. We have a complete threat advisory tracking various threats, malware types, as well as a summary of IOCs and domains specific to COVID-19. The full advisory can be found here. Recently, there has been an increase in the use of SMS phishing and Telework Infrastructure Exploits to execute cyber attacks. SMS Phishing...
April 8, 2020
Threat Advisory: Kwampirs Trojan Campaign Continues

The FBI's Cyber Division has re-released a January Flash report for the Kwampirs Remote Access Trojan (RAT). The primary target industries are healthcare, software supply chain, energy, and engineering industries, and the secondary targets are financial institutions and law firms. Kwampirs employs a two-phase approach. According to the FBI's Private Industry Notification, "the first phase establishes a broad and persistent...
April 7, 2020
Threat Advisory: Updates Regarding COVID-19 Related Cyber Attacks

Overview: Malware-based phishing campaigns have been on the rise since early March. The campaigns appear to be from a trusted source, such as healthcare organizations, educational institutions, government agencies, or other official sources. The associated emails often contain a link that promises key information, relevant data, or tracking information regarding the Coronavirus. A number of these emails appear to originate...
April 6, 2020