Leaders from Apple, Microsoft and Amazon are slated to meet with U.S.

Vulnerabilities in the Kalay Internet-of-Things protocol put millions of security devices at risk of complete attacker takeover.

MacOS 11 may have several security features that Apple previously did not disclose, including endpoint security API improvements and protections against potential attacks against CPUs.

T-Mobile confirmed a massive data breach that potentially puts 54 million customers at risk of fraud and identity theft.

The FBI recently warned major tech companies that state-sponsored actors are attempting to recruit their employees to conduct economic espionage and intellectual property theft.

State Department was reportedly the target of a cyberattack several weeks ago.

These techniques along with other indicators are shared with the Aggah group indicating that the crypter author might have sold it to both parties.

Cisco Secure Endpoint orbital search queries:

The highly modular structure of the Latin American attack indicates a focus on stealth to deliver two widely popular RAT families of AsyncRAT and njRAT. However, we’ve also discovered that the crypter’s authors have conducted their own malware campaigns abusing archiveorg to deliver commodity RATs. We’ve observed the authors advertise their crypters on Facebook, YouTube and other social media. The threat actor authoring the crypter primarily aims to sell it as a service. We’ve also discovered a builder/crypter known as “Crypter 3losh rat” used to generate various stages of the highly modularized infection chain used by the campaign operators. Techniques utilized in this campaign bear a resemblance to those of the Aggah group but are operated by a distinct threat actor based out of Brazil. The campaign targets travel and hospitality organizations in Latin America.
Title: Several RATs targeting users in Latin America, stealing high-profile credential

Description: Cisco Talos has observed a new malware campaign delivering commodity RATs, including njRAT and AsyncRAT.

LockBit’s been behind several recent high-profile attacks, including one on global consulting firm Accenture. Once the malware encrypts the data on the targeted machine, it changes the wallpaper to display an advertisement, telling users that they can become a part of LockBit’s recruitment process, promising payouts in the millions of dollars. This new version of LockBit includes new encryption features and an effort to recruit “insiders” at the targeted organizations. LockBit has recently been spotted targeting organizations in the U.K., Taiwan, Chile and Italy.

Title: LockBit 2.0 targets organizations across the globe

Description: The ransomware-as-a-service network behind the LockBit ransomware is launching new attacks using the 2.0 version of its malware.

SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

TOP VULNERABILITY THIS WEEK: New version of LockBit ransomware spreads internationally

MOST PREVALENT MALWARE FILES August 19-26, 2021

VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE

INTERESTING NEWS FROM AROUND THE SECURITY COMMUNITY