Battling malware in the industrial supply chain
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.
Las Vegas was buzzing last week with VMware Explore where Rubrik Cyber Recovery snagged the top award in the Business Continuity and Data Protection category. Our excitement continued when Rubrik Data Threat Analytics earned an honorable mention in the Security, Networking, and Edge category!
XLoader macOS variant poses as a productivity app, Lazarus Group uses new malware, and threat actors abuse Facebook promotions to spread malicious code.
Malware utilizes a multitude of techniques to avoid detection, and threat actors are continuously uncovering and exploiting new methods of attack. One of the less common techniques includes the exploitation of the Windows Restart Manager. To stay ahead of malicious authors, it is important to be aware of these techniques and understand how they work.
Raccoon Stealer malware reappears, AI adoption remains low among threat actors, and Monti ransomware targets VMware ESXi servers with new Linux locker.
As an Internet user, you may face various terrible cases of data theft or illegal intrusion by third parties into your personal virtual space. Of course, any attack on your device is unpleasant, but in some situations, a ransomware attack can have immense consequences for you and your data. This is why we are talking about one of the possible types of cybercrimes that threaten our digital safety: ransomware attacks.
In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting newly added coverage for several recently discovered or analyzed ransomware and malware variants, including Akira ransomware, 8base ransomware, and Rorschach (BabLock) ransomware, amongst others. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook™ to ensure coverage against these advanced threats.
Today, cyberattacks pose the most significant threat to an organization’s data. The Spring 2023 Rubrik Zero Labs report, based on research from over 1,600 IT and Security professionals, revealed that 99% of IT and security leaders were informed of at least one attack in their own environment in 2022.
Ransomware attacks do not simply start and end with a locked computer screen and a ransom note. They unravel as intricate narratives, leaving a trail of financial wreckage, operational interruptions, and reputational damage in their wake. These attacks bear significant costs. In 2022, the average cost of a ransomware attack was a whopping $4.54 million, per IBM Security and the Ponemon Institute. And that does not include the actual ransom payment itself.
The Sysdig Threat Research Team (TRT) recently discovered a new, financially motivated operation, dubbed LABRAT. This operation set itself apart from others due to the attacker’s emphasis on stealth and defense evasion in their attacks. It is common to see attackers utilize scripts as their malware because they are simpler to create. However, this attacker chose to use undetected compiled binaries, written in Go and .NET, which allowed the attacker to hide more effectively.