AsyncRAT is an open-source remote administration tool released on GitHub in January 2019. It’s designed to remotely control computers via encrypted connection, providing complete control via functionalities such as: Although the official GitHub repository contains a legal disclaimer, AsyncRAT is popularly used by attackers and even some APT groups. Netskope Threat Labs recently came across a FUD (Fully Undetected) Batch script which is downloading AsyncRAT from an Amazon S3 Bucket.

Today, I’m excited to announce that Rubrik has achieved the status of a certified Backup & Restore provider for Microsoft Teams. We’re thrilled to demonstrate proficiency and commitment to meet Microsoft customers’ evolving needs in today’s security-first, cloud-first world and a distinguishing mark within Microsoft’s partner ecosystem.

Read also: Greece’s natural gas supplier DESFA hit with ransomware, an advanced BEC campaign targets high-ranking executives, and more.

On August 4, 2022, Advanced – a major software provider for the UK’s National Health System (NHS) and other healthcare customers – suffered a ransomware attack from a group that is still unknown to the public. The attack disrupted NHS services including ambulance dispatch, appointment bookings, patient referrals and emergency prescriptions.

The Hive Gang is a Ransomware as a Service (RaaS) providers first identified in June 2021. Although relatively new, their aggressive tactics and ever evolving malware variants have made them one of the most successful RaaS groups of its kind. Find out how the group has risen through the ranks with their advanced ransomware kit, API based portal and negotiation services.

In Part 1 of this four-part blog series examining wiper malware, we introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wipers to destroy system data. In Part 2, CrowdStrike’s Endpoint Protection Content Research Team discusses how threat actors have used legitimate third-party drivers to bypass the visibility and detection capabilities of security mechanisms and solutions.

Learn to protect data from ransomware Explore real-life cybercrime examples Dive into the future of data security Learn to protect data from ransomware Register Now About half of CISOs say that their organisation is unprepared to cope with a coordinated attack. So they’re investing heavily to manage the risk. Deloitte reported that firms spend over 10% of their annual IT budget on cybersecurity. That works out at about $2-5 million per year for a typical enterprise.

Splunk SURGe recently released a whitepaper, blog and video that outline the encryption speeds of 10 different ransomware families. The outcome of this research was that it is unlikely that a defender will be able to do anything once the encryption has started. Ransomware today is also mostly “human-operated” where many systems are sought out and compromised before any encryption activities occur and, once they do, the encryption is just too fast to meaningfully affect the damage done.

The Relational Database Service (RDS) service offered by AWS is one of the most popular databases today. A lot of critical, confidential data resides inside of RDS. Hence it becomes imperative to protect this data from various threats and ensure that the data is secure. Our approach to protecting the data inside RDS is based on two aspects: Rubrik already supports a modern approach to safeguarding RDS data from an operational perspective and also maintains a clean, secure copy in a different region.

Security threats evolve just as fast as the technologies used to stop them. New and modified attack strategies are constantly in the works. To make matters worse, the attack surface within corporate networks is expanding. The push to work from home increased vulnerable points of entry by introducing multitudes of new endpoint devices. The move to cloud-based services and infrastructure has further resulted in a broader and more challenging landscape to defend.