Art Appraisal Blog

What is Malware? Malware, or malicious software, refers to any program or code that infects a computer and causes damage to it. Malware is malicious software that targets and seeks to damage, disable, or destroy computers, computer networks, tablets, and mobile devices, often by taking control of a device’s operations. It interferes with the normal functioning of the device. Malware is the umbrella term that covers all malicious software –...

Scenario An organization was hacked using the SQL injection and database access through its website. After penetrating the network and machine, the attacker created an account named “daemon” and then escalated the privileges to obtain more control of the network. Then the attacker injected a malware file called “hackit.exe” into the devices and established a connection to the command-and-control server to download additional malicious malware files named “malware.exe” after propagation....

What is Botnet? The bot is a piece of malware that executes commands under the control of a remote attacker by infecting a computer system. The botnet is a network of malware-infected computers controlled by the bot herder. A botherder manages the botnet infrastructure and uses compromised computers to crack networks, inject malware, harvest credentials, and execute CPU-intensive tasks on targets. A botnet is merely a collection of connected devices....

Introduction ‘BlackMatter’ is a ransomware-as-a-service (RaaS) that first appeared in July 2021, when rumors began circulating that it was linked to the DarkSide attack. Those behind BlackMatter have announced that they have incorporated the best features of DarkSide, REvil, and LockBit. BlackMatter ransomware is gaining popularity and targeting high-profile targets in the U.S., Europe, and Asia. The U.S. government has issued a security bulletin concerning the BlackMatter ransomware group following...

What is Lateral Movement? According to Mitre Att&ck, “Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network. Following through on their primary objective often requires exploring the network to find their target and subsequently gaining access to it. Reaching their objective often involves pivoting through multiple systems and accounts to gain. Adversaries might install their own remote access tools to accomplish Lateral...

What is Zero Trust? Zero trust is a perimeter-less security model focused on designing effective and efficient security architectures. In enterprise security, the zero trust principle states that anyone inside or outside the network cannot be trusted unless they are identified appropriately. The zero trust philosophy assumes that threats both outside and within the network are omnipresent. In addition, the zero trust model also assumes that any attempt to access...

In this article, we will discuss Conti Ransomware in detail. We’ll present our analysis results and the tactics, techniques, and procedures (TTP). Let’s look at some interesting facts about vulnerabilities explored in the Conti Ransomware attack. Introduction The Conti is a ransomware-as-a-service (RaaS) operation believed to be controlled by a cybercrime group in Russia called WizardSpider. The ransomware shares some code with the infamous Ryuk Ransomware, which was last reported...

What is Ransomware? Ransomware is malware that infects a computer, restricts users’ access to their device, and threatens to publish a victim’s personal information, usually encrypted, to meet the demands. The motivation is typically monetary. Ransomware variants often attempt to extort money from victims by displaying an on-screen alert. Payment is usually demanded in virtual currency like Bitcoin to protect the cybercriminal’s identity. How Does Ransomware Work? Ransomware can be...

What is Reconnaissance? Reconnaissance is a term initially used in military operations to perform preliminary surveys and explore enemy areas by military personnel to gather enemy information. Reconnaissance in cyber security is a process of gathering information about the target organization. For an attacker, the first step of hacking involves collecting crucial information regarding the target so the attacker can then utilize this information to exploit and penetrate the target...

What is an Attack Surface? An attack surface, also known as an external attack surface or digital attack surface, refers to all internet-accessible hardware, software, platforms, and cloud assets that can be discovered, exploited, and used to breach a company. A cyberattack can leverage an attacker’s ability to leverage the interconnected network of assets within the attack surface. In other words, this is the total number of ways cybercriminals could...