Articles

The articles below were written by me, and published outside of my site.

Ransomware happens, be prepared: Preventing a LockBit attack

Published 2021-09-30 | Adam Fowler IT Article | Wayback Archive

While it is possible that someone who is prepared will not be significantly impacted by a ransomware attack, most of us will not be so lucky. In most cases, a ransomware attack will mean completely restoring the computer to its factory settings and losing most or all of our data. This is clearly not the best option for anyone, so what can we do to make sure that we don’t become a victim in the first place? 

Recovering from a LockBit ransomware attack

Published 2021-09-23 | Adam Fowler IT Article | Wayback Archive

Here’s the thing with relying on being insignificant enough to not be an obvious target: it doesn’t matter. You are still a target if you are vulnerable, and the chances of coming out of the situation without any data loss are minuscule. Of course, you can do things with a partial protection solution, even though you may not be able to stop the attack or save all of your files. These options include tools that range from built-in or free tools to paid solutions that will at least minimize the impact of an attack on your computers.

No user too small to target: A look at the new LockBit ransomware

Published 2021-09-16 | Adam Fowler IT Article | Wayback Archive

It is no secret that ransomware attacks are on the rise, and attackers are finding new ways to access our systems. While malicious emails remain a constant, we are seeing an increase in compromises of trusted software. This increase is coming as extortion gangs become more organized and learn from each other. A great example of the evolution of malware is LockBit, which had already taken on some of the traits of Maze, but with LockBit 2.0 now also showing similarities to Ryuk and Egregor.

#BHUSA or bust: Hopes and expectations for Black Hat 2021

Published 2021-07-28 | Acronis Article | Wayback Archive

Since 1997, Black Hat has been a staple in the world of cybersecurity conferences. Having been in cybersecurity for nearly a decade, I’ve been aware of Black Hat, but haven’t had the opportunity to attend. Sure, I’ve attended DEF CON and some local cybersecurity conferences, but never one with a corporate focus.

That finally changes for me this year as I’ll be joining Black Hat 2021 starting this weekend. The prospect has me both excited and anxious. And while I wish my first Black Hat experience was in-person, with the global pandemic still raging, I am happy this year’s hybrid event enables me to attend at all.

Detonating Ransomware on My Own Computer (Don’t Try This at Home)

Published 2021-07-14 | Bleeping Computer Article | Wayback Archive

Headlines of ransomware attacks seem to be a daily occurrence, announcing new levels of danger and confusion to the already complicated business of protecting data. One such threat is Conti, which is often used to target healthcare organizations and retailers.

How it behaves can tell us a lot about a modern ransomware attack – so I recently detonated Conti ransomware in a controlled environment to demonstrate the importance of proper cyber protection.

I Triggered a Ransomware Attack – Here’s What I Learned

Published 2021-06-23 | Security Boulevard Article | Wayback Archive

Ransomware attacks are perceived as complicated, confusing and dangerous. While all those things are true, there are also some basic truths about ransomware attacks that can be used to stop an attack quickly, minimizing or eliminating the damage they cause. Conti is a form of ransomware that has often targeted health care organizations and retailers, and perfectly demonstrates the basic behaviors exhibited by ransomware. Detonating Conti ransomware inside of a controlled environment tells us a lot about a modern ransomware attack, so that is exactly what I did.

Is There Hope for ICS and Supply Chain Security?

Published 2021-05-24 | Security Boulevard Article | Wayback Archive

Industrial control systems (ICS) have been the target of countless cyberattacks in recent years. Some of these attacks have an extortion goal in mind, while others seem to be nothing more than a test to see if the attacker is able to access and disrupt systems. As malicious actors become more clever in their tactics, we are also seeing an increase in supply chain attacks, complicating matters even further. As cybercriminals find new ways to improve their attacks, is there any hope of protecting our industrial networks from future attacks?

Cybersecurity Predictions For 2021

Published 2021-03-17 | Cyber Defense Magazine Article | Wayback Archive

We’ve finally settled into the “new normal,” but cyber threats continue to evolve and respond to the new environment. As we look forward to 2021, here are a few of our cybersecurity predictions.

OSAMiner: The Apple cryptojacker that hid for five years

Published 2021-01-28 | Acronis Article | Wayback Archive

While OSAMiner has been around since 2015, and known since at least 2018, a newly discovered version of OSAMiner has remained hidden from researchers by cleverly concealing one run-only AppleScript inside of another run-only AppleScript. Run-only scripts do not contain human-readable code and are notoriously difficult to fully decompile. Some IoCs have been able to be identified in these campaigns but a full analysis was not previously available, leaving some of the critical files in these campaigns lurking in the dark. This has changed with a couple of recently developed tools to aid in decompiling AppleScripts. Using these tools, we can now get a better view of the internals of the files in this cryptojacking campaign, as well as a broader view of the files associated with the malware.

5 Ways to Protect Online Learning Environments

Published 2020-10-23 | Security Boulevard Article | Wayback Archive

As educational institutions from preschool through college are making moves to continue with online learning as the pandemic continues, there are a few ways they can ensure the safety of their staff and students as well as the security of their data.

Securing Healthcare Data in a COVID World

Published 2020-09-01 | Security Boulevard Article | Wayback Archive

Healthcare data is some of the most personal information any of us have. In the midst of the global pandemic, many people whose information would not have entered medical systems normally are being hospitalized and data about them is being collected. With protected health information such a lucrative target for cybercriminals, are we living in a new age of identity theft and exposed secrets, or can we take steps to keep our information safe?

The 2019 Database Gold Rush

Published 2019-08-08 | SiteLock Article | Wayback Archive

The California Gold Rush began in 1848 when James W. Marshall discovered gold at Sutter’s Mill in Coloma, California. Just over 170 years later, we are experiencing a similar rush, only this time it is data being mined, instead of gold. The data gold rush may have had a slower start, but the value to those who are doing the mining is similar.

The WordPress of the Future

Published 2018-12-28 | SiteLock Article | Wayback Archive

While other platforms have come and gone, split into multiple platforms, or struggled to even get noticed, WordPress has been a steady force that nearly one-third of the internet relies on. In this article, I discuss how WordPress embraces the future with the new block editor, Gutenberg.

When a Good Thing Goes Bad – How Vulnerabilities Were Intentionally Built Into pipdig

Published 2018-04-06 | SiteLock Article | Wayback Archive

Don’t just pay attention to the man behind the curtain, tear the curtain down and burn it. I discuss the malicious intent behind the pipdig Power Pack (P3) plugin, and the fallout from the malicious code being uncovered.

Malware: The Gift That Keeps on Giving

Published 2017-06-02 | Infosec Island Article | Wayback Archive

Sometimes a gift is more than just a gift. This article describes how something that seems harmless can be used to hide malware, steal your data, or even provide a backdoor into your systems.