Malware

Unveiling the Nestle Data Breach: A Deep Dive into R00TK1T's Threat

Apr 19, 2024 By Foresiet In Foresiet

In the ever-evolving landscape of cybersecurity threats, the recent breach by the notorious hacker group R00TK1T serves as a stark reminder of the vulnerabilities faced by even the most established organizations. As the Foresight Threat Team delves into the details of this alarming incident, it becomes imperative to shed light on the implications and lessons to be learned from this breach.

Read Post

Foresiet

Read more about Unveiling the Nestle Data Breach: A Deep Dive into R00TK1T's Threat

Akira Ransomware Makes a Play for VPNs Without Multi-Factor Authentication

Apr 19, 2024 By Kroll In Kroll

Learn about careers with us and search open job opportunities here. In Q4 2023, Kroll identified an uptick in engagements involving Akira ransomware, a trend that has continued into 2024. Kroll observed that in the majority of cases, initial activity could be tracked back to a Cisco ASA VPN service.

Read Post

Kroll

Read more about Akira Ransomware Makes a Play for VPNs Without Multi-Factor Authentication

SafeBreach Coverage for AA24-109A (Akira Ransomware)

Apr 19, 2024 By Kaustubh Jagtap In SafeBreach

On April 18th, the United States’ Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) issued an urgent advisory about Akira ransomware’s recently exhibited malicious behavior (as of February 2024). Detailed information about these threats and the associated IOCs and TTPs can be seen on #StopRansomware: Akira Ransomware.

Read Post

SafeBreach

Read more about SafeBreach Coverage for AA24-109A (Akira Ransomware)

Unveiling the Blackjack Group's Fuxnet Malware: A Stealthy Cyber Threat

Apr 17, 2024 By Foresiet In Foresiet

The Blackjack hacking group, reportedly associated with Ukrainian intelligence services, has claimed responsibility for a significant cyberattack impacting emergency detection and response systems in Moscow and surrounding areas.

Read Post

Foresiet

Read more about Unveiling the Blackjack Group's Fuxnet Malware: A Stealthy Cyber Threat

Netskope Threat Coverage: Evil Ant Ransomware

Apr 16, 2024 By Ghanashyam Satpathy In Netskope

Netskope Threat Labs recently analyzed a new ransomware strain named Evil Ant. Evil Ant ransomware is a Python-based malware compiled using PyInstaller that looks to encrypt all files stored on the victim’s personal folders and external drives. This ransomware strain requires process continuity from encryption until file recovery. Rebooting, shutting down, or ending the ransomware process will make affected files unrecoverable.

Read Post

Netskope

Read more about Netskope Threat Coverage: Evil Ant Ransomware

From Water to Wine: An Analysis of WINELOADER

Apr 16, 2024 By Splunk Threat Research Team In Splunk

In late February 2024, Mandiant identified APT29, a Russian state-sponsored threat group, deploying a new backdoor called WINELOADER to target German political parties. This campaign marks a significant shift in APT29's targeting, as they have traditionally focused on government and diplomatic entities. The expansion to political parties suggests an evolution in the group's intelligence gathering priorities, likely influenced by the current geopolitical climate.

Read Post

Splunk

Read more about From Water to Wine: An Analysis of WINELOADER

Law Enforcement Must Keep up the Pressure on Cybergangs

Apr 16, 2024 By Craig Searle In Trustwave

The (apparent) takedown of major ransomware players like Blackcat/ALPHV and LockBit and the threat groups’ (apparent) revival is a prime example of the Whack-a-Mole nature of combating ransomware gangs that often takes place. However, this level of difficulty doesn’t mean the pressure should be relieved.

Read Post

Trustwave

Read more about Law Enforcement Must Keep up the Pressure on Cybergangs

Latest malware trends according to our ISR

Apr 15, 2024 By The Editor In WatchGuard

In today's digital age, cybersecurity has become a constant concern for organizations. A thorough understanding of the cyber threat landscape is needed to address these challenges and protect your company's systems and data, as only then can you implement effective protection measures.

Read Post

WatchGuard

Read more about Latest malware trends according to our ISR

CrowdStrike Falcon Next-Gen SIEM Unveils Advanced Detection of Ransomware Targeting VMware ESXi Environments

Apr 15, 2024 By Christopher Miller In CrowdStrike

CrowdStrike Falcon Next-Gen SIEM, the definitive AI-native platform for detecting, investigating and hunting down threats, enables advanced detection of ransomware targeting VMware ESXi environments. CrowdStrike has observed numerous eCrime actors exploiting ESXi infrastructure to encrypt virtual machine volumes from the hypervisor to deploy ransomware in organizations. Access to ESXi infrastructure typically takes place as part of lateral movement.

Read Post

CrowdStrike

Read more about CrowdStrike Falcon Next-Gen SIEM Unveils Advanced Detection of Ransomware Targeting VMware ESXi Environments

Shamane Tan on rising up - Cyber Security Decoded

Apr 15, 2024 By Rubrik In Rubrik

Inspirational words from Shamane Tan on Cyber Security Decoded…as you climb your personal ladder to success, you should be your biggest cheerleader! There won’t always be someone there to recommend you for promotions or point you in the right direction. People come and go, and opportunities arise and vanish. That’s why in order to grow, whether it’s in the #CyberSecurity industry, the broader #Technology industry, or elsewhere, you must always be proactive in seeking out new ways to grow personally and professionally!

View Video