AT&T Alien Labs has discovered a new malware targeting endpoints and IoT devices that are running Linux operating systems. Shikitega is delivered in a multistage infection chain where each module responds to a part of the payload and downloads and executes the next one. An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed and set to persist.
The BlackCat/ALPHV ransomware is a complex threat written in Rust that appeared in November 2021. In this post, we describe a real engagement that we recently handled by giving details about the tools, techniques, and procedures (TTPs) used by this threat actor. Firstly, the attacker targeted an unpatched Microsoft Exchange server and successfully dropped webshells on the machine.
Chris Krebs, former Director of the Cybersecurity and Infrastructure Security Administration (CISA) and the new Chair of Rubrik’s CISO Advisory Board, joined us at FORWARD to discuss ransomware, cyber resilience, and all things data security with co-founder and CTO, Arvind (Nitro) Nithrakashyap. His vast experience working with executives, government officials, and IT experts across the country has given him a unique insight into cybersecurity, which he shared, only at FORWARD.
Coming in with very limited domain knowledge, it was a huge challenge for me to dive in and design product features for highly specialized use cases in the data security space. Chances are, there are a lot of you in UX and Product Designer roles who go through similar experiences when designing enterprise software in niche industries. Over the past several years I've discovered a few strategies that have helped ground me in my work.
Read also: Nitrokod cryptomining campaign infected thousands of PCs in 11 countries, Italian oil giant hit with a cyberattack, and more.
“If a tree falls in a forest and no one is around to hear it, does it make a sound?” If an unmanaged device is infected with ransomware, will the security operations team receive an alert? Consider a contractor or employee who uses their personal laptop for work. If that device becomes infected with ransomware, not only does it pose a risk to the organization’s data and a risk to other devices within the organization, but the device is not centrally managed.
I’m thrilled to share that today marks a defining moment in Rubrik’s mission to secure the world’s data with several major milestones including: I’m proud of the Rubrik team and their relentless focus on product innovation, but we couldn’t have done this without amazing customers and partners who believe in our mission and continue to trust us with their businesses and their data.
AsyncRAT is an open-source remote administration tool released on GitHub in January 2019. It’s designed to remotely control computers via encrypted connection, providing complete control via functionalities such as: Although the official GitHub repository contains a legal disclaimer, AsyncRAT is popularly used by attackers and even some APT groups. Netskope Threat Labs recently came across a FUD (Fully Undetected) Batch script which is downloading AsyncRAT from an Amazon S3 Bucket.
Today, I’m excited to announce that Rubrik has achieved the status of a certified Backup & Restore provider for Microsoft Teams. We’re thrilled to demonstrate proficiency and commitment to meet Microsoft customers’ evolving needs in today’s security-first, cloud-first world and a distinguishing mark within Microsoft’s partner ecosystem.
