REvil Ransomware (also known as Sodinokibi) is a sophisticated file-encrypting windows strain operated as RaaS (Ransomware as a Service). Since mid-April 2019, security researchers have been identifying persistent REvil Ransomware activity across different geographies. At first, the malware propagated via vulnerabilities in Oracle WebLogic Server. Later, the malware started spreading through phishing and spam emails,… Continue reading REvil Ransomware AKA Sodinokibi (RaaS)
Detected in March 2020, ProLock.Ransomware is a newly identified “human-operated” file-encrypting windows strain. ProLock is the successor of another ransomware strain “PwndLocker” that had a flaw in its code, which lead victims to decrypt data without having to pay a ransom. The designers of the malware upgraded the malicious code of PwndLocker and renamed it… Continue reading ProLock Ransomware
The current global remote working movement has become an opportunity for cyber attackers. Security researchers at SISA have been observing a persistent ransomware activity around the world. Now, we found another file-encrypting malware, disrupting enterprises in Taiwan. ColdLock is a newly identified ransomware strain that reportedly focuses on encrypting databases and email servers of the… Continue reading ColdLock Ransomware
Ransomware continues to be the most dangerous threat vector of 2020. Recently, security researchers detected another new ransomware strain ‘.panther file virus’, sneaking into organizations’ internal systems and locking critical data files. The malware was first identified in the last weeks of March 2020, and now in July, it is seen targeting Asian data-driven organizations.… Continue reading Panther Ransomware
Malwares aren’t going anywhere. Today’s news cycles, especially during the COVID-19 pandemic, seem to be full of cyber incidents. One such malware MosaicRegressor, the Second-Ever Windows Unified Extensible Firmware Interface (UEFI) Rootkit that can stay on the motherboard flash memory located in the BIOS region of the PC, was found recently. One other known instance… Continue reading MosaicRegressor Malware
They are warning about a new Android trojan “Ghimob” that can siphon off data from 153 mobile applications. The risk isn’t limited to data breach threats – the attackers can even bypass banking institutions’ security measures to make fraudulent transactions on Android users’ smartphones. With a link in an email that takes the users to an authentic-looking app,… Continue reading Ghimob malware can spy on 153 Android mobile applications
On Dec 13, 2020, SolarWinds, a commonly deployed network management solution, confirmed that a cyber incident has occurred which appears to be an IT operations product used well by Fortune 500 companies, US Government agencies, and critical SMB firms. The SolarWinds Orion application updates have been infected for a period between March and June 2020.… Continue reading SolarWinds Fallout: How The Sunburst Attack Happened
Records are made to be broken. The Cryptomix Clop ransomware took this seriously as it stepped up in October 2020 to demand a whopping 20+ million-dollar ransom from one of the largest software companies in the world. That’s not all. It has improved over time and was recently noticed in the wild going after top… Continue reading Clop Ransomware: Don’t Think It Can Happen to You?
Blog The system that for years has protected our digital business is now vulnerable to advanced persistent threat (APT) actors and soon may be a victim of potential attacks. The FBI and the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), in a joint alert, have recently warned that threat actors are actively exploiting… Continue reading How to Prevent a Potential Fortinet FortiOS Breach: All You Need to Know
Blog A code coverage tool that helps more than 29,000 enterprises measure how much of the source code executes during testing, has been exposed to a threat since January 2021. According to investigators, this incident might have given the attackers access to networks of Codecov’s clients. So, what could happen to you? Glad you asked.… Continue reading Codecov Breach: All Questions Answered
SISA is a Leader in Cybersecurity Solutions for the Digital Payment Industry. As a Global Payment Forensic Investigator of the PCI Security Standards Council, we leverage forensics insights into preventive, detective, and corrective security solutions, protecting 1,000+ organizations across 40+ countries from evolving cyberthreats.
Our suite of solutions from AI-driven compliance, advanced security testing, agentic detection/ response and learner focused-training has been honored with prestigious awards, including from Financial Express, DSCI-NASSCOM and The Economic Times.
With commitment to innovation, and pioneering advancements in Quantum Security, Hardware Security, and Cybersecurity for AI, SISA is shaping the future of cybersecurity through cutting-edge forensics research.
USA
India
APAC
Middle East
Global
Facebook
Linkedin 
X
Youtube
