Malvuln Project Catalogues Vulnerabilities Found in Malware
January 15, 2021
HYAS Director of Threat Intelligence, Greg Leah, comments on a project that catalogues vulnerabilities discovered in malware and provides information on how those vulnerabilities can be exploited.Read more
Ryuk ransomware Bitcoin wallets point to $150 million operation
January 7, 2021
Security researchers from HYAS and Advanced Intelligence followed the money circuit from Ryuk ransomware victims into the threat actor's pockets estimate that the criminal organization made at least $150 million.Read more
Ryuk gang estimated to have made more than $150 million from ransomware attacks
January 7, 2021
The operators of the Ryuk ransomware are believed to have earned more than $150 million worth of Bitcoin from ransom payments following intrusions at companies all over the world. This news article highlights research published by HYAS Threat Intelligence and Advanced Intelligence LLC explaining the financial model behind Ryuk ransomware.Read more
The Hack Roundup for 22 Dec 2020: Treasury Briefing Reignites Encryption Debate
December 22, 2020
HYAS Founder Chris Davis describes the magnitude and implications of the SolarWinds compromise.Read more
Apple and Cloudflare quietly developed a way to make it harder for ISPs to track your internet traffic. Here's what it means for your privacy.
December 11, 2020
HYAS CTO Chris Davis comments on enterprise security implications of a new DNS protocol being developed by Apple and Cloudflare. (Subscription Required)Read more
Krebs on Security: French Firms Rocked by Kasbah Hacker?
March 2, 2020 9:00 AM
Brian Krebs explains how a large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco. The threat actor was located with the help of HYAS threat intelligence. An individual thought to be involved has earned accolades from the likes of Apple, Dell, and Microsoft for helping to find and fix security vulnerabilities in their products.Read more
Cyber Attribution for Enterprise
February 21, 2020
In perhaps the greatest scene of any movie ever, Harrison Ford as Indiana Jones watches an expert swordsman on the streets of Cairo swiftly brandish his weapon in advance of an epic fight. Jones watches the fanciful display, and then just sighs and points his pistol at the guy and shoots. This scene is the canonical example of how you can do things the hard way – or you can do things the easy way. I crack up every time I re-watch it on YouTube.
The reason I bring this up is that the familiar cyber security concept of attribution can be done the hard or easy way – although for most organizations, the choice is pre-made. Specifically, the relatively straightforward way to establish attack origin is to use a snitch, leak, or tap – and if you’re NSA, then this is how you would do it. But if you’re the rest of us, then you must rely on more complex technical clues to determine accurate attribution.Read more
Krebs on Security: The Rise of “Bulletproof” Residential Networks
February 23, 2020
Brian Krebs examines how cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections. Traditionally, those connections have been mainly hacked computers, mobile phones, or home routers. But this story is about so-called “bulletproof residential VPN services” that appear to be built by purchasing or otherwise acquiring discrete chunks of Internet addresses from some of the world’s largest ISPs and mobile data providers.Read more
Next Generation of Information Security Technology meets the demands of growing Cybersecurity Sector
February 21, 2020
A Canadian-made cybersecurity system is making the internet safer thanks to a $475,000 investment from Western Economic Diversification Canada’s Western Innovation Initiative (WINN). The funding was announced by the Honourable Carla Qualtrough, Minister of Public Services and Procurement and Accessibility, on behalf of the Honourable Navdeep Bains, Minister of Innovation, Science and Economic Development and Minister responsible for Western Economic Diversification Canada, at the 2018 Aerospace, Defence and Security Expo.
As the global economy becomes increasingly digital, the importance of protecting organizations against cyber attacks continues to grow. WINN will help HYAS Infosec Inc. – a Vancouver Island-based information security firm – to commercialize their next generation cybersecurity platform while creating new economic opportunities and employment in the fast-growing threat intelligence sector right here in B.C.Read more
Uncovering The Cyberattacker, Not Just The Cyberattack
August 10, 2018
Cybercriminals make an estimated $1.5 trillion every year from cybercrime. Most of that can be traced back to trade on illegal online markets and intellectual property theft. Trading of stolen data is worth a cool $160 billion, crimeware-as-a-service makes criminals $1.6 billion a year and ransomware results in $1 billion in criminal earnings.
Corporates around the world are expected to spend an estimated $96 billion on cybersecurity efforts this year, but with cybercriminals continuing to rake in the money, that spend may be in vain. It’s a fact that Jeff Spencer, COO of cybersecurity firm HYAS, described as “sad.”Read more
Microsoft Pours Millions into Startup that Nails Cybercriminals
August 10, 2018
Chris Davis, Hyas’s CEO and co-founder describe his company’s mission as providing “to-the-doorstep attribution,” meaning that it pinpoints attackers’s whereabouts and helps law enforcement apprehend them. “My drive is to locate the bad guy,” he tells Fortune.Read more