Breaking News

All the important news about new attacks, and the solutions we can offer you

23/11/2020

TA551 (Shathak) Word docs with Japanese template push IcedID

Cyber Defense

Not a New Threat, but very dangerous

The TA551 (Shathak) campaign has continued to push IcedID (Bokbot) malware since August 2020. The template for its Word documents has been updated, but otherwise not much has changed. This campaign mainly targets English-speaking victims; however, it has also targeted non-English-speaking victims with other types of malware.

 

Available Attack Vectors:

  • E-mail
  • Endpoint
  • Web Gateway
Contact us for a test with Cymulate Breach and Attack Simulation
23/11/2020

Reported activity: MedusaLocker Ransomware

Cyber Defense

The MedusaLocker ransomware first emerged in September 2019, infecting and encrypting Windows machines around the world.
There have been reports of MedusaLocker attacks across multiple industries, especially the healthcare industry, which suffered a great many ransomware attacks during the COVID-19 pandemic.

To maximize the chances of successfully encrypting the files on the compromised machine, MedusaLocker restarts the machine in safe mode before execution.
This method is used to avoid security tools that might not run when the computer starts in safe mode.

16/11/2020

Egregor - A New Ransomware Gang on the Rise

Cyber Defense

Egregor is a ransomware from the Sekhmet malware family that has been active since the middle of September 2020.

One of the most active ransomware groups, Egregor is part of the Sekhmet malware family that has been active since mid-September 2020. Like most other ransomware groups, it targets organizations across the world. The ransomware operates by hacking into organizations, stealing sensitive user documents, encrypting data, and finally demanding ransom in exchange for decrypted documents.

Allegedly, the threat actor has breached 52 companies to date (as of October 30, 2020), from GEFCO group, among the first, to more recently affected organizations such as Crytek, Ubisoft, Foxtons Group, and Barnes & Noble.
