Jack Rhysider
If you want to improve the security of your organization, give them a call. I'm sure they can help. But the founder of the company, John Strand, is a teacher, and he's made it a mission to make Black Hills Information Security world-class in security training. You can learn things like penetration testing, securing the cloud, breaching the cloud, digital forensics, and so much more.
But get this, the whole thing is pay what you can. Black Hills believes that great intro security classes do not need to be expensive, and they are trying to break down barriers to get more people into the security field. And if you decide to pay over $195, you get six months access to the MetaCTF Cyber Range, which is great for practicing your skills and showing them off to potential employers.
Head on over to blackhillsinfosec.com to learn more about what services they offer and find links to their webcasts to get some world-class training. That's BlackHillsInfosec.com. BlackHillsInfosec.com.
Omar was scanning the Dominican Republic's DNS queries to see if anything unusual was going on.
Oh, no. A computer within the Dominican Republic government was connecting to a command control server, otherwise known as a C2 server, that is known to control systems infected by the Conti ransomware. This is bad. This indicates that the government is about to get hit. Someone has them in their crosshairs and just needs to pull the trigger.
And perhaps they're going to get hit as hard as Costa Rica got hit. Whoever was behind that attack on Costa Rica clearly had a lot of time and resources to make a very deep and wide impact there, crippling their systems and government. But lucky that Omar has such a keen eye and is tuned into the threats of his government so he can detect this early.
So he zoomed into this alert and he saw that, yes, in fact, a system did get infected and it reached out to the command and control server to download Cobalt Strike. Cobalt Strike is like a full suite of hacker tools. It's equivalent to finding a bad guy in your building and also finding his huge sack of tactical spy tools.
But because they spotted this, as it was unfolding, they were able to delete those tools and clean that system and start hardening that system so it doesn't get infected again. On top of that, with this newfound activity on their network, knowing that they're in the crosshairs of somebody, it was important to start alerting the users in the government agencies. Be on alert.
We are seeing some bad weather on the horizon. Be very cautious of any phishing emails. And please, please, please report anything suspicious to the security team. Thank you.
Okay, wow, so they were seeing a lot of phishing attempts. Emails posing as someone else trying to get users to click links, open zip files or attachments. And in every one of these emails, the attackers spoke perfect Spanish. This is really curious since a lot of these ransomware gangs would be coming from Eastern Europe or Russia.
They wouldn't have the ability to speak perfect Spanish on such a large scale with hundreds of phishing emails being written.