Lunar Spider Expands their Web via FakeCaptcha

Key Findings Lunar Spider has expanded its initial access methods by compromising vulnerable websites, particularly in Europe, using Cross-Origin Resource Sharing (CORS) vulnerabilities. These websites are then injected with a FakeCaptcha framework. The FakeCaptcha framework is introduced via a JavaScript script that generates an iframe, overlaying the original site's content with the attacker's FakeCaptcha page. … Continue reading Lunar Spider Expands their Web via FakeCaptcha →

Backups & DRP in the ransomware era

In today's digital landscape, the threat of ransomware has forced organizations to reevaluate their disaster recovery plans. Traditional approaches to data protection were focused primarily on high availability and are no longer sufficient. As cyber threats evolve, so must our strategies for safeguarding critical information. This blog post explores the principles and architectures needed to … Continue reading Backups & DRP in the ransomware era →

Your Playbook to a better Incident Response Plan

You just had your first encounter with the "Headless Chicken Effect" during a security incident, like we mentioned in our last blog post. Maybe you like to be prepared against any possible scenario because you know that it's not a matter of 'if', but rather a matter of 'when'? In this second blogpost in our "Ransomware Readiness" series, we'll look into how you can better prepare yourself to face such incidents in the future, whether it's through planning, documentation, or testing.

Building Cyber Resilience Against Ransomware Attacks

Or, "Yet another ransomware blog post?" "Yet another ransomware blog post?" I hear you asking. Well, yes! Besides, Ransomware attacks have been on the rise again costing affected organizations and industries more than ever. Let's dive into some numbers to set the stage: According to IBM and Ponemon institute, in 2024, the average cost of a … Continue reading Building Cyber Resilience Against Ransomware Attacks →