Posts

Showing posts from October, 2018

Don’t Get Comfortable Yet - The Declining Fear of Ransomware

Image
Don’t Get Comfortable Yet - The Declining Fear of Ransomware
With the news that ransomware attacks are on the decline, in favor of crypto-mining (aka “crypto-jacking”), it is tempting to now reshuffle your enterprise’s defensive priorities based on the adversary trends. But before you retask your Blue Team to focus on researching cryptocurrency miners, let’s take a moment and remember a few key fundamental facts about ransomware, and how it is still different, and more dangerous, from its money-mining “successor”. It might be easy to forget, but unlike the new “crypto-mining” darling of the adversarial space, ransomware actually holds your company and staff at ransom. Even though the state of ransomware “authors” seems to be at an all time low, as some seem to have even given up on actually encrypting files before asking for ransom, the estimated cost to an organization can still be over $100,000. Remember, regardless of how popular ransomware is (or is not) to attackers, these malici…

What is SCYTHE's origin story?

Image
What is SCYTHE's origin story?
When I started GRIMM, I had a vision to tackle the greatest cybersecurity challenges that face our clients, industry and the greater business and government communities. Two and a half years ago, one of those challenges was brought to the company because of our reputation. A Fortune 50 company had been breached and suffered significant damages. As a result, the IT Security team was given a significantly increased budget which they used to hire incredible talent and have their choice of any assessment/penetration testing software available. Which they did. Extensively. They found they eventually exhausted what these tools could accomplish since they were built to do what they did well, but not for scale or extensibility. So, they called us. The initial requirement was to build another one of these tools, effectively a custom implant with C2 that would be new and thus evade signature. Recognizing they had done thorough product market research (and inter…