Lessons learned from a Man-in-the-Middle attack

It’s become a widely accepted mantra that experiencing a cyber breach is a question of ‘when’ and not ‘if’. For Fox-IT ‘if’ became ‘when’ on Tuesday, September 19 2017, when we fell victim to a “Man-in-the-Middle” attack. As a result of the multi-layered security protection, detection and response mechanisms we had in place, the incident … Continue reading Lessons learned from a Man-in-the-Middle attack

Criminals in a festive mood

This morning the Fox-IT Security Operations Center observed a large number of phishing e-mails that contained a link to a downloadable zip file. Anyone downloading and opening that zip file would infect themselves with banking malware, that would subsequently try to lure the victim into divulging their credit card information. So far nothing new: e-mail … Continue reading Criminals in a festive mood

Fox-IT debunks report on ByLock app that landed 75,000 people in jail in Turkey

The Turkish government has been actively pursuing the prosecution of the participants of the Gülen movement in what it calls “the Fetullahist Terrorist Organization/Parallel State Structure (FETÖ/PDY)”. To this end, the Turkey’s National Intelligence Organization (Millî İstihbarat Teşkilatı or MİT in Turkish) has investigated the relation of a publicly available smart phone messaging application called … Continue reading Fox-IT debunks report on ByLock app that landed 75,000 people in jail in Turkey

FAQ on the WanaCry ransomware outbreak

Last updated: May 16th 2017 A ransomware variant known as WanaCry/WanaCrypt0r has spread on a massive scale around the world since the 12th of May 2017. For more information about the context with regards to this WanaCry variant, see also our earlier blog. The section below outlines the frequently asked questions and corresponding answers. Q: … Continue reading FAQ on the WanaCry ransomware outbreak

Massive outbreak of ransomware variant infects large amounts of computers around the world

Today, May 12th 2017, a ransomware variant known as WanaCry is being spread on a massive scale around the world. Once a computer is infected it will attempt to infect other machines on the same network using a recently patched vulnerability in the Windows SMB protocol. Update: We have published an FAQ to answer additional … Continue reading Massive outbreak of ransomware variant infects large amounts of computers around the world