Art Appraisal Blog

Introduction ‘BlackMatter’ is a ransomware-as-a-service (RaaS) that first appeared in July 2021, when rumors began circulating that it was linked to the DarkSide attack. Those behind BlackMatter have announced that they have incorporated the best features of DarkSide, REvil, and LockBit. BlackMatter ransomware is gaining popularity and targeting high-profile targets in the U.S., Europe, and Asia. The U.S. government has issued a security bulletin concerning the BlackMatter ransomware group following...

What is Lateral Movement? According to Mitre Att&ck, “Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network. Following through on their primary objective often requires exploring the network to find their target and subsequently gaining access to it. Reaching their objective often involves pivoting through multiple systems and accounts to gain. Adversaries might install their own remote access tools to accomplish Lateral...

What is Zero Trust? Zero trust is a perimeter-less security model focused on designing effective and efficient security architectures. In enterprise security, the zero trust principle states that anyone inside or outside the network cannot be trusted unless they are identified appropriately. The zero trust philosophy assumes that threats both outside and within the network are omnipresent. In addition, the zero trust model also assumes that any attempt to access...

In this article, we will discuss Conti Ransomware in detail. We’ll present our analysis results and the tactics, techniques, and procedures (TTP). Let’s look at some interesting facts about vulnerabilities explored in the Conti Ransomware attack. Introduction The Conti is a ransomware-as-a-service (RaaS) operation believed to be controlled by a cybercrime group in Russia called WizardSpider. The ransomware shares some code with the infamous Ryuk Ransomware, which was last reported...

What is Ransomware? Ransomware is malware that infects a computer, restricts users’ access to their device, and threatens to publish a victim’s personal information, usually encrypted, to meet the demands. The motivation is typically monetary. Ransomware variants often attempt to extort money from victims by displaying an on-screen alert. Payment is usually demanded in virtual currency like Bitcoin to protect the cybercriminal’s identity. How Does Ransomware Work? Ransomware can be...

What is Reconnaissance? Reconnaissance is a term initially used in military operations to perform preliminary surveys and explore enemy areas by military personnel to gather enemy information. Reconnaissance in cyber security is a process of gathering information about the target organization. For an attacker, the first step of hacking involves collecting crucial information regarding the target so the attacker can then utilize this information to exploit and penetrate the target...

What is an Attack Surface? An attack surface, also known as an external attack surface or digital attack surface, refers to all internet-accessible hardware, software, platforms, and cloud assets that can be discovered, exploited, and used to breach a company. A cyberattack can leverage an attacker’s ability to leverage the interconnected network of assets within the attack surface. In other words, this is the total number of ways cybercriminals could...

What is MITRE ATT&CK? MITRE ATT&CK stands for MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK). This was introduced in 2013 as a central knowledge base for cyber adversary behavior. A MITRE ATT&CK matrix consists of tactics and techniques used by adversaries to perform a cyber attack. ATT&CK matrix show tactics and techniques in an organized manner, from gaining access to the operating system to stealing data or controlling machines....

What is Cyber Threat Intelligence? Cyber Threat Intelligence is the enriched and aggregated knowledge of the cyber threats extracted by collecting, processing, and analyzing the data to understand and assess malicious threat actors’ motives, intent, targets, and attack behaviors. Threat intelligence helps us make better-informed security decisions and allows us to adopt proactive steps against cyber threats instead of reactive ones. “Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators,...

What is Malware? Malware (malicious software) is software or programs designed to intentionally damage a computer, network, or server. The goal of malware is to disrupt or destroy sensitive data and computer systems by infiltrating computer systems discreetly. The most common types of malware are Trojans, viruses, worms, spyware, malvertising, scareware, keyloggers, backdoors, ransomware, and mobile malware. Signs of Malware Infection on a Computer Malware may exhibit obvious or subtle...