Pikabot seems to have a binary version and a campaign ID. The keys 0fwlm4g and v2HLF5WIO are present in the JSON data, with the latter seemingly being a campaign ID. The malware creates a named pipe and uses it to temporarily store the additional information gathered by creating the following processes: whoami.exe /all ipconfig.exe /all […]
Fraud Management & Cybercrime , Governance & Risk Management , Healthcare HHS: Group Seems to Favor Targeting Small & Midsized Entities that Lack MFA on VPNs Marianne Kolbasuk McGee (HealthInfoSec) • September 13, 2023 Akira’s data leak site Federal authorities are warning the health sector about threats posed by Akira, a ransomware-as-a-service group […]