Cybersecurity
Category Added in a WPeMatico Campaign
Conclusion and recommendations In this case study, the attack was detected and contained before the actor could achieve their objectives. However, we’ve noted that given the attacker’s previous pivot to advertising and leasing DarkGate, the objectives of the attacker might vary, depending on the affiliates involved. Cybercriminals can use these payloads to infect systems with […]
There were 2116 reported US data breaches and leaks in the first nine months of 2023, making it the worst year on record with a whole quarter left to go, according to the Identity Theft Resource Center (ITRC). The non-profit, which tracks publicly reported breaches in the US, said there were 733 “data compromises” in […]
Ransomware attacks have only increased in sophistication and capabilities over the past year. From new evasion and anti-analysis techniques to stealthier variants coded in new languages, ransomware groups have adapted their tactics to bypass common defense strategies effectively. This article will cover just some of those new developments in Q3-2023 as well as give predictions […]
The FBI and the CISA recommend implementing application control mechanisms, limiting remote desktop services, and following best practices such as updating software and using strong passwords to defend against AvosLocker ransomware attacks.
Oct 13, 2023NewsroomMalware / Cyber Threat A piece of malware known as DarkGate has been observed being spread via instant messaging platforms such as Skype and Microsoft Teams. In these attacks, the messaging apps are used to deliver a Visual Basic for Applications (VBA) loader script that masquerades as a PDF document, which, when opened, […]
The US Securities and Exchange Commission is launching its own investigation into the vulnerability in Progress Software’s MOVEit transfer tool that exposed data from more than 2,000 organizations and 60 million individuals. Tracked as CVE-2023-34362, the flaw was exploited as a zero-day by the notorious Russia-linked Cl0p ransomware group to steal data from organizations using […]
Executive Summary On October 4, a high-severity security vulnerability was reported and fixed in curl. The vulnerability, CVE-2023-38545, was associated with a severe heap overflow during the SOCKS5 proxy handshake process, impacting both the libcurl and the curl tool. This article whirls around a detailed analysis of the issue, its cause, its potential risks, and […]
The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That’s according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) […]
The Reichsadler Cybercrime Group attempted to deploy ransomware on unpatched WS_FTP servers using a stolen LockBit 3.0 builder. The attackers used the GodPotato tool to escalate privileges on the servers.