Malware

Qlik Sense Exploited in Cactus Ransomware Campaign

Nov 28, 2023 By Stefan Hostetler, Markus Neis, Kyle Pagelow In Arctic Wolf

Arctic Wolf Labs has observed a new Cactus ransomware campaign which exploits publicly-exposed installations of Qlik Sense, a cloud analytics and business intelligence platform.[1] Based on available evidence, we assess that all vulnerabilities exploited were previously identified by researchers from Praetorian [2,3]. For more information on these vulnerabilities, see the advisories published by Qlik (CVE-2023-41266, CVE-2023-41265, and CVE-2023-48365) as well as our Security Bulletin.

Read Post

Arctic Wolf

Read more about Qlik Sense Exploited in Cactus Ransomware Campaign

Unlocking Cyber Resilience: Strategies from the 2023 Global Ransomware Trends Report

Nov 28, 2023 By Opti9 In Opti9

Recent findings from the 2023 Global Ransomware Trends Report, reveal a concerning uptick: 85% of organizations experienced a cyberattack in the past year, up from 76% the previous year. Understanding the nuances of defense and recovery becomes paramount as cyber threats escalate. Join us for this essential discussion based on insights from one of the most extensive independent studies to date, encompassing 1,200 organizations from 14 different countries. All these organizations have one thing in common – they’ve braved cyberattacks.

View Video

Opti9

Read more about Unlocking Cyber Resilience: Strategies from the 2023 Global Ransomware Trends Report

Webinar Replay: Q3 2023 Threat Landscape: Kroll Top 10 Malware Strains

Nov 28, 2023 By Kroll In Kroll

Kroll actively tracks malware command and control infrastructure, submissions to public sandboxes and active incident response (IR) and managed detection and response (MDR) case data to generate lists of the most active malware strains for comparison.

View Video

Kroll

Read more about Webinar Replay: Q3 2023 Threat Landscape: Kroll Top 10 Malware Strains

How To Recover From a Ransomware Attack

Nov 27, 2023 By Tim Tran In Keeper

If you’re the victim of a ransomware attack, there are no guarantees that you can recover your stolen data. The best you can do is mitigate the effects of the attack and remove the ransomware from your device. The steps to recover from a ransomware attack include isolating your device, removing the ransomware, restoring your backed-up data and changing any compromised login credentials.

Read Post

Keeper

Read more about How To Recover From a Ransomware Attack

Introducing VM Encryption Detection

Nov 27, 2023 By Rubrik In Rubrik

Cyber attacks on host virtual machines are on the rise! Are you prepared to detect and recover from VM encryption? Let us know what you’re doing to secure your VMs in the comments below! #shorts.

View Video

Rubrik

Read more about Introducing VM Encryption Detection

From Transparency to Coercion, Emerging Threat Actor Tactics

Nov 26, 2023 By Gemma Goldstein In Cyberint

“The evolving threat landscape” sounds like an overused clichè; however, marked shifts in threat actor tactics in the past year are evidence of widespread and brazen growth in confidence among threat actors. Evident in recent incidents, such as ALPHV, AKA Black Cat’s exploitation of legal avenues, and the emergence of “The Five Families” alliance, cybercriminals are stretching their levels of coordination and reach.

Read Post

Cyberint

Read more about From Transparency to Coercion, Emerging Threat Actor Tactics

Your Backup Data: An Untapped Source of Security Intelligence

Nov 21, 2023 By Vir Choksi In Rubrik

It goes without saying that organizations must back up their critical data to ensure business continuity in the event of cyber attacks, disasters, operational failures, or insider threats. But are passive backups enough in today’s environment of sophisticated cyber threats? Despite having backups and various security tools to monitor infrastructure, organizations remain vulnerable to attackers who are still managing to penetrate defenses.

Read Post

Rubrik

Read more about Your Backup Data: An Untapped Source of Security Intelligence

Lessons Learned From the Clark County School District Ransomware Attack

Nov 21, 2023 By Mike Eppes In Keeper

Clark County School District in Nevada, the fifth-largest school district in the United States, recently experienced a massive data breach. Threat actors gained access to the school district’s email servers, which exposed the sensitive data of over 200,000 students. The district is now facing a class-action lawsuit from parents, alleging it failed to protect sensitive personal information and take steps to prevent the cybersecurity attack.

Read Post

Keeper

Read more about Lessons Learned From the Clark County School District Ransomware Attack

The Lumma Stealer InfoStealer: The Details

Nov 21, 2023 By Adi Bleih In Cyberint

The information stealers ecosystem continues to expand as we witness the ongoing maintenance and new capabilities in the latest stealers versions. 2023 was a good year for InfoStealers as they keep evolving along with exploiting the popular vulnerabilities from the last years to infiltrate targeted devices. InfoStealer malware has become increasingly widespread, new business models are being introduced and new detection evasion capabilities are being implemented.

Read Post

Cyberint

Read more about The Lumma Stealer InfoStealer: The Details

Understanding and Detecting Lateral Movement

Nov 20, 2023 By Arctic Wolf In Arctic Wolf

A threat actor, hoping to launch a ransomware attack on an organization, is able to use stolen credentials to get into a user’s email account. Utilizing spear phishing techniques and reconnaissance, the threat actor emails the IT department, asking for credentials to an important network application. They gain the credentials, move deeper into the network, and start setting up a ransomware attack.

Read Post