Archive | Data Breach RSS feed for this section

Protecting Your Company From a Cybersecurity Meltdown (or Spectre)

The following blog was written and posted by Willis Towers Watson, February 22, 2018. The latest threat to cybersecurity isn’t a new form of ransomware — it’s a pair of hardware bugs that have the ability to impact virtually any device that has a chip in it – including servers, desktops and mobile devices. These infiltrators, […]

Spotlight on Ransomware: Recent Trends

Kivu rounded out the calendar year with a holiday season bursting with ransomware attacks. Here’s the good, the bad and the ugly on what we’re seeing in recent attacks (really just the bad and the ugly). Extension-Agnostic Ransomware Traditionally, ransomware encrypts files based on their file extensions. Most ransomware contains source code with a list […]

2017 is the Year Of the Phishing Attack

Kivu’s Douglas Brush sits down with David Navetta, breach coach From Norton Rose Fulbright, to speak about incident response for the Cyber Security Interviews Podcast. Douglas Brush, Director from Kivu’s Denver, CO office is the founder and host of the Cyber Security Interviews podcast. He recently published an episode with David Navetta, US co-chair of Norton […]

Ransomware-as-a-Service (RaaS)

There have been whispers on the dark web about “Ransomware-as-a-Service (RaaS)” as far back as 2015, but Kivu had its first known RaaS case in March 2017. In this case, the client’s terminal server was infected with Satan ransomware. The Satan ransomware strain is a known RaaS variant that encrypts the victim’s files with the […]

Kivu Supports Endurance’s New Cyber Extortion Response Services

Kivu will be providing the technical forensics support for Endurance’s recently launched Cyber Extortion Response Services.  Working with the law firm Mullen Coughlin, Kivu will guide ransomware victims as they respond to malicious attacks, including arranging for payment in Bitcoin or other cryptocurrency, analyzing and testing decryption keys to ensure they are effectively and safely […]

Ransomware v2: Facing the Latest Cyber Security Threats

A Q&A with Winston Krone of Kivu Consulting – Posted by Mark Greisiger on Junto Blog Oct 2016 There’s no doubt that ransomware attacks are on the rise and they’re becoming more insidious. I spoke with Winston Krone, global managing director of Kivu Consulting about what the latest version of ransomware looks like and what […]

Testing Password Encryption Strength

Testing the Password Encryption Strength of NT LAN Manager and LAN Manager Hash Security risks associated with weak user-created passwords are well documented. In 2009, for example, cyber security provider Imperva analyzed more than 32 million passwords that were released in a 2009 data breach. More than 50% of the passwords involved poor user password […]

NPR’s Marketplace – Your Boss May Know You Want to Quit Before You Do

Honored to be interviewed on NPR’s Marketplace on how forensic evidence can identify key employees who are planning to quit after receiving their bonuses (and maybe taking secrets).  We see a big spike in trade secret theft during the bonus season – but interestingly the taking can start months in advance when the star salesperson or software […]

Using iOS Backup Files to Obtain Text Messages from Apple Devices

In several forensic investigation cases, Kivu has analyzed iOS backup files as a method of obtaining evidence of text messages or other data from an iOS device, usually when an iOS device is not readily available or as a means of cross-correlating evidence. These backups are often made to the custodian’s computer when they connect […]