The Hive ransomware (especially in its v5 version) stands out for its sophistication, and for the impact caused to hundreds of companies and organizations worldwide, bypassing conventional defenses and challenging analysts with its advanced techniques.
In this article, we unravel its features, from its encryption methods to its anti-analysis countermeasures, illustrating not only the threat it poses, but also how it can be combated. Through a technical analysis, it is intended to empower readers with the knowledge necessary to understand and ultimately defend against these types of threats.
The Border Gateway Protocol (BGP) is fundamental to the functioning of the Internet as we know it, as it serves to route data flows along the optimal routes, through several different hops (or IPs). However, it was not designed with security by design, which opens the door to hijacking BGP-type threats.
Through these types of attacks, malicious actors can redirect traffic, causing data loss, such as in Man-in-the-Middle, among others. This article explores in depth these types of attacks, their impact, and the countermeasures available through mechanisms such as RPKI, IRR, and ROA.
The Avaddon ransomware appears as a disturbing threat that has demonstrated its ability to exploit vulnerabilities in systems, compromising the security and integrity of critical data.
This article dives into the details of how Avaddon works, while also providing a comprehensive analysis of strategies to detect and mitigate the threat.
This article introduces how ESXiArgs operates, and offers an approach to identifying and addressing the threat. Examining the characteristics and behaviours of ransomware, it provides detailed insight into the tactics it uses and how these can be detected in a vulnerable environment. It also explores strategies and best practices for cleaning and disinfecting compromised systems, restoring trust and security to the affected infrastructure.
With this study, we seek to offer a deep knowledge about the reconnaissance activity in cybersecurity, so that professionals from different fields can consider these tactics as an integral part of their security strategies. This study also aims to increase general understanding of these techniques and how they can be used to effectively protect information and systems.
The evolution of communications in society is also having an impact on the industrial world. With the arrival of 5G, many industrial companies have considered migrating some of their communications to take advantage of the characteristics of this new mobile communications band, such as the reduction of latency times, the increase in connection speed or the exponential increase in the number of devices that can be connected to the network. These characteristics fit perfectly with the industrial mentality, where there are a multitude of interconnected devices between which there cannot be a communication cut due to the criticality of the processes they implement.
This article aims to comment, in addition to all the advantages that 5G provides to the industry, the different uses that can be given currently and the complexity of implementing these communications in some devices for subsequent deployment in the industry. Also, to specify possible vulnerabilities in communications using 5G networks.
The history of cybersecurity is marked by names that have left an indelible mark on the field of digital threats. Among them, Maze, Egregor and Sekhmet stand out as notable ransomware variants, whose similarities go beyond mere coincidence.
In this article, we will unravel the tactics these ransomwares employed, the encryption mechanisms they used, and the evasion and propagation strategies they employed. The review of these malware will offer us a deeper insight into the persistent threat of ransomware, as well as the importance and need to strengthen our cybersecurity posture.
At the end of 2019, the Ragnarok (or Asnarok) ransomware appeared leaving a trail of digital victims in its path. The malware not only encrypted the files and demanded a ransom, but also threatened to erase and publish the stolen data. This article offers an in-depth look at Ragnarok, from its design and motivation to its methods of infection and spread. In addition, it provides different methods of response and disinfection.
LockerGoga is a ransomware-type malware, first discovered in 2019, that infects computer systems, encrypts your files, and demands a ransom in cryptocurrencies in order to recover them. Unlike others, LockerGoga focuses on attacking businesses and government organizations. This article describes what it is and explains the relevant methods to respond to this threat
En este estudio, se expone brevemente el origen y evolución de la amenaza ransomware LockBit 3.0, a través del análisis de varias muestras maliciosa, con el objetivo de facilitar la información necesaria para poder identificar las características propias de este malware, su comportamiento y técnicas empleadas, permitiendo así una mejor identificación y respuesta ante ella.