Malware

Hunt for Threats Within Backups to Minimize Data Loss and Downtime

Jun 12, 2024 By Vir Choksi In Rubrik

Mike Tyson famously said, “Everybody has a plan until they get punched in the mouth.” After falling victim to a cyberattack, it is crucial for organizations to respond promptly and effectively to minimize damage, recover operations, and prevent future incidents. One of the most critical elements of responding to an incident is the recovery and restoration of affected systems so that business as usual can be restored as quickly and safely as possible.

Read Post

Rubrik

Read more about Hunt for Threats Within Backups to Minimize Data Loss and Downtime

PLAY Ransomware Group Gains Access via Citrix Bleed Vulnerability

Jun 11, 2024 By Kroll In Kroll

In November 2023, the Cybersecurity & Infrastructure Security Agency (CISA) published guidance for addressing vulnerability CVE-2023-4966, affecting Citrix NetScaler ADC and NetScaler Gateway. This vulnerability is also known as Citrix Bleed.

Read Post

Kroll

Read more about PLAY Ransomware Group Gains Access via Citrix Bleed Vulnerability

DarkGate Malware Being Spread Via Excel Docs Attached To Phishing Emails

Jun 11, 2024 By Stu Sjouwerman In KnowBe4

A phishing campaign is spreading the DarkGate malware using new techniques to evade security filters, according to researchers at Cisco Talos. “The DarkGate malware family is distinguished by its covert spreading techniques, ability to steal information, evasion strategies, and widespread impact on both individuals and organizations” the researchers explain.

Read Post

KnowBe4

Read more about DarkGate Malware Being Spread Via Excel Docs Attached To Phishing Emails

Search & Spoof: Abuse of Windows Search to Redirect to Malware

Jun 11, 2024 By Trustwave In Trustwave

Trustwave SpiderLabs has detected a sophisticated malware campaign that leverages the Windows search functionality embedded in HTML code to deploy malware. We found the threat actors utilizing a sophisticated understanding of system vulnerabilities and user behaviors. Let’s break down the HTML and the Windows search code to better understand their roles in the attack chain.

Read Post

Trustwave

Read more about Search & Spoof: Abuse of Windows Search to Redirect to Malware

Rubrik Expands Data Access Governance (DAG) Solution with New Identity Inventory

Jun 10, 2024 By Filip Verloy In Rubrik

In a recent Fortune article, Amazon’s chief security officer, Steve Schmidt, suggests 6 questions every company's board should ask its CISOs to understand how robust their cybersecurity preparation is. One of the most challenging questions for CISOs was: “Who has access to what data? Why do they need it, and for how long?” This question is critical because cyberattacks often begin with weak, leaked, or stolen passwords.

Read Post

Rubrik

Read more about Rubrik Expands Data Access Governance (DAG) Solution with New Identity Inventory

The Most Common Ways Cyber Criminals Will Target Your Business

Jun 6, 2024 By SecuritySenses In SecuritySenses

Businesses face an ever-growing array of security threats from cybercriminals. Scammers and hackers employ increasingly sophisticated techniques to infiltrate corporate networks, steal sensitive information, and disrupt operations. In 2023, consumers and businesses in the United States reported losing more than $10 billion to fraud and online scams, marking the first time that fraud losses have reached that benchmark. This is a 14% increase over reported losses in 2022.

Read Post

SecuritySenses

Read more about The Most Common Ways Cyber Criminals Will Target Your Business

Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys

Jun 6, 2024 By Graham Cluley In Tripwire

Did your company fall victim to the LockBit ransomware? Have cybercriminals left gigabytes of your data encrypted, with no easy route for recovery that doesn't involve paying a ransom? Well, don't fear. The FBI announced this week that it had obtained over 7,000 decryption keys for the LockBit ransomware and is urging victims to come forward for free assistance.

Read Post

Tripwire

Read more about Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys

Into the Rat's Nest: A SenseOn Analysis of the NetSupport RAT

Jun 6, 2024 By Isabel Carter In SenseOn

Threat actors prefer deploying tools which appear genuine and expected in a business IT environment. This provides camouflage for their toolset, blending into organisations' application portfolios. NetSupport Manager, a remote access tool, has been utilised by system administrators since its release in 1989 and has been used by threat actors since at least 2016.

Read Post

SenseOn

Read more about Into the Rat's Nest: A SenseOn Analysis of the NetSupport RAT

EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis

Jun 6, 2024 By Drago Corlătescu - Alexandru Dinu - Mihaela Găman - Paul Sumedrea In CrowdStrike

CrowdStrike is constantly researching, working and innovating to stay at the cutting edge of threat detection and response. Recently, these efforts include EMBERSim, a large-scale dataset developed to address limitations in binary code similarity (BCS), improve malware detection and facilitate future work in this area.

Read Post

CrowdStrike

Read more about EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis

Surge in CatDDoS Attacks: Exploiting Vulnerabilities to Spread Mirai Variant

Jun 6, 2024 By Foresiet In Foresiet

The cybersecurity landscape has recently been shaken by a surge in activity involving a Mirai distributed denial-of-service (DDoS) botnet variant known as CatDDoS. Over the past three months, threat actors have aggressively exploited more than 80 vulnerabilities to spread this malware. In this blog, we explore the recent CatDDoS attacks, the targeted sectors, and the implications for cybersecurity practices.

Read Post