Incident-Response
Trellix Confirms Source Code Repository Breach: Security Vendor's Internal Code Accessed by Unknown Attackers
Trellix confirms unauthorized access to a portion of its internal source code repository, with forensic experts and law enforcement engaged. The blast radius for a security vendor going public with a code breach is its customer base — every defender running its EDR agents.
The Ransomware Dwell Time Collapse: When the Entire Kill Chain Fits Inside an Hour
Akira is encrypting domains 60 minutes after a VPN login. Storm-1175 is going from zero-day to domain-wide Medusa deployment in under 24 hours. The industry's average detection time is still measured in days. The math no longer works.
Anubis Ransomware Gang Claims 2TB Exfiltration from Signature Healthcare as Brockton Hospital Diverts Ambulances
Anubis RaaS group claims theft of 2TB of patient data from Signature Healthcare while Brockton Hospital diverts ambulances, cancels chemo, and operates on paper charts a week after the attack.
Akira Ransomware Now Encrypts in Under an Hour: SonicWall VPNs Are the Front Door
Akira ransomware operators are completing full attack chains from initial VPN access to encryption in under 60 minutes, targeting SonicWall SSL VPNs even on patched devices.