In the past 2 weeks, CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) alerting organizations of increased Conti ransomware attacks. Also, following a recent Incident Response, McAfee Enterprise’s Advanced Threat Research (ATR) team worked with its Professional Services IR team to support a case that initially started as a malware incident but ultimately turned out to be a long-term cyber-attack.
For more articles, check out our #onpatrol4malware blog.
CISA, FBI, and NSA Release Joint Cybersecurity Advisory on Conti Ransomware
Source: CISA
CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) alerting organizations of increased Conti ransomware attacks. Read more.
Hide and Seek | New Zloader Infection Chain Comes With Improved Stealth and Evasion Mechanisms
Source: Sentinel Labs
ZLoader (also known as Terdot) was first discovered in 2016 and is a fork of the infamous Zeus banking trojan. It is still under active development. Read more.
Operation ‘Harvest’: A Deep Dive into a Long-term Campaign
Source: McAfee
Following a recent Incident Response, McAfee Enterprise’s Advanced Threat Research (ATR) team worked with its Professional Services IR team to support a case that initially started as a malware incident but ultimately turned out to be a long-term cyber-attack. Read more.
Protecting from ransomware
Source: certnz
Ransomware attacks are becoming increasingly common with attackers using more sophisticated methods to try and get their hands on your data. This guide looks at how ransomware attacks happen and recommends steps you and your IT provider can take to help protect your business. Read more.
Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike
Source: WeLiveSecurity
In August 2021, Intezer discovered a fully undetected ELF implementation of Cobalt Strike’s beacon, which we named Vermilion Strike. Read more.
Cobalt Strike: Detect this Persistent Threat
Source: Intezer
This blog explains Cobalt Strike and practical steps to take if you believe that you are being targeted by Cobalt Strike or are already compromised. It demonstrates some real-world examples of Cobalt Strike delivery and steps to detect each. Read more.