Prevention-centric cybersecurity

Threat Alert: Attacks via DocuSign

Information Updated as of 3/13/2024 17:48 PDT. DocuSign is being used along with malicious PDF files to spread banking trojans around the world, with a current focus on Latin America. This does not mean the bad actors will not decide to start attacking US targets; in fact, it’s almost a guarantee a shift will happen and […]

Compromised Ubiquiti Routers Used to Facilitate Offensive Cyber Operations

Security Advisory. Last Updated: 10:00PM ET, March 2nd, 2024. Who: This critical security advisory applies to any MSPs or organizations currently utilizing Ubiquiti EdgeRouters in production or test environments. What: The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners have released a joint Cybersecurity Advisory (CSA) warning MSPs […]

High Confidence Phishing – False Positives

You may be receiving a lot of requests from your customers regarding False Positives in the email filter. You may also be thinking to yourself “Self, it sure does seem like there have been a lot of False Positives Quarantined in my email lately!”. For many MSPs, the next step is to go to your […]

Threat Alert: New Ransomware

Accurate as of 11/14/2023 3:53 PM PST. Our threat team stumbled on a newly identified and currently undetected (by others) variant of ransomware. As part of empowering our partners and ensuring they have the most up-to-date information about new threats, we provide this update! First and foremost, this is blocked by the BLOKWORX security stack. […]

PovertyStealer – Definitely Not Poor, Definitely Not Detected

Information Accurate as of 10/26/2023 4:43 pm. New variants come out rapidly. We have discussed this before and given examples. This is another in a long line of examples showing where “detection” is just not enough. PovertyStealer is associated with countless other campaigns such as RedLine stealer and AgentTesla. This new variant has been in […]

GhostRAT

Accurate as of 10/26/2023 4:26 pm. The world is a very tumultuous place right now. One constant we can count on is new threats! This time we are talking about GhostRAT, which (in our found version) was labeled “BlueCheck card secret generation.exe” once translated. Below is the actual file name as the process attempts to […]

Threat Alert: Nitrogen

WHEN: Information Accurate as of 7/27/2023. WHO: This new malware appears to target those in the technology sector, like MSPs, based on the tools it attempts to appropriate. WHAT: Nitrogen installs a malicious version of software like WinSCP (a tool utilized to connect to servers, such as Linux services with SSH enabled or file servers with FTP […]