Blog

Double Extortion Ransomware – a dangerous attack 

Unlike traditional ransomware attacks that solely focus on locking up an organization’s files, double extortion attacks add an additional layer of pressure by threatening to expose sensitive information. Here are some tips from our SamurAI SOC on how to detect threats and protect your business.

NIS2 Directive

Navigating the NIS2 Directive: Essential Cybersecurity Upgrades for Critical Sectors 

The NIS2 directive, effective in Sweden from October 18, 2024, will significantly impact various sectors, enhancing risk management, network security, and 24/7 incident reporting. This blog explores the expanded industry scope, preparation strategies for organizations, and the critical need for robust cybersecurity amid rising cyber threats.

NIS2 Directive

Is your organization ready for the NIS2 Directive?

The NIS2 Directive enhances the resilience and security of EU organizations. With expanded sector coverage and stricter obligations, non-compliance can lead to fines up to 10 million euros. Prompt incident reporting is crucial, requiring early warnings within 24 hours and detailed reports within 72 hours to mitigate cyber risks effectively.

servers

Ransomware in critical infrastructure increases by 77%

Discover the latest trends in ransomware attacks against organizations with critical infrastructure from our Global Threat Intelligence Report. Joel Cedersjö, cybersecurity expert, sheds light on the urgency of protecting businesses and consumers in the ever-evolving landscape.

Phishing

SamurAI Cyber Analysts Uncover Phishing Campaign Exploiting Microsoft Planner 

In August, SamurAI SOC analysts uncovered a phishing campaign exploiting Microsoft Planner. Attackers mimicked Planner notifications, using convincing email addresses to deceive users. The emails led to a redirector and then to “EvilProxy,” intercepting login credentials. Our SamurAI SOC developed custom Sigma rules to detect these tactics.

Cybersecurity

Unexpected supply chain attack after acquisition of polyfill.io

Sansec reported a supply chain attack on Polyfill.io after its acquisition by Funnull in February. Malicious code was injected, targeting mobile devices and redirecting users to scam sites. The developer community responded quickly, with Namecheap suspending the malicious domain and Cloudflare and Fastly providing secure alternatives.

Cybersecurity

US thwarts AI bot farm used by Russian actors to spread propaganda

The US Department of Justice announced that it had dismantled a Russian AI-powered bot farm aimed at spreading propaganda. Nearly 1,000 social media accounts, allegedly posing as US residents, were seized. These accounts were used to support the invasion of Ukraine and sway public opinion in favor of Russia.
