Over the past two weeks, we saw that AvosLocker is a relatively new ransomware-as-a-service. The Sophos Rapid Response team has so far seen AvosLocker attacks in the Americas, Middle East, and Asia-Pacific, targeting Windows and Linux systems. In addition, we also saw the dirty dozen of Latin America: From Amavaldo to Zumanek.
For more articles, check out our #onpatrol4malware blog.
2022 Cybersecurity Predictions
Source: Outpost24
2021 was the year businesses continued to adapt to new working patterns and digital transformation, and to battle the increasing threat from ransomware attacks. Here our panel of security experts shares their predictions for the key security challenges to look out for in 2022. Read more.
AvosLocker Ransomware Uses AnyDesk in Safe Mode to Launch Attacks, Sophos Reports
Source: SOPHOS
AvosLocker is a relatively new ransomware-as-a-service. The Sophos Rapid Response team has so far seen AvosLocker attacks in the Americas, Middle East, and Asia-Pacific, targeting Windows and Linux systems. Read more.
A Deep Dive into DoubleFeature, Equation Group’s Post-Exploitation Dashboard
Source: Check Point
Check Point published the story of “Jian” — an exploit used by Chinese threat actor APT31 which was “heavily inspired by” an almost-identical exploit used by the Equation Group, made publicly known by the Shadow Brokers leak. Read more.
The dirty dozen of Latin America: From Amavaldo to Zumanek
Source: welivesecurity
ESET started this blogpost series dedicated to demystifying Latin American banking trojans in August 2019. Read more.
APT37 targets journalists with Chinotto multi-platform malware
Source: Bleeping Computer
North Korean state hacking group APT37 targets South Korean journalists, defectors, and human rights activists with watering hole, spear-phishing email, and smishing attacks delivering malware dubbed Chinotto, which is capable of infecting Windows and Android. Read more.
A Deep Dive Into SoWaT: APT31’s Multifunctional Router Implant
Source: impOrtp3
The group is targeting a range of entities of interest to the Chinese government. Notably, the group has been the subject of several governmental attribution statements, including from Germany, France, Norway, and Australia. Read more.
RATDispenser, a new stealthy JavaScript loader used to distribute RATs
Source: Security Affairs
Researchers from the HP Threat Research team have discovered a new stealthy JavaScript loader dubbed RATDispenser that is being used to spread a variety of remote access trojans (RATs) in attacks in the wild. Read more.