Over the last two weeks, security researchers monitoring the Emotet botnet's current activity found that the Quantum and BlackCat ransomware gangs are now using the malware to deploy their payloads. You will find this and other news here.
For more articles, check out our #onpatrol4malware blog.
Addressing Deepfake-Enabled Attacks Using Security Controls
Source: SANS Technology Institute
Attacks enabled by computer-generated media known as deepfakes are an emergent problem requiring urgent attention from the security community. This paper reframes the understanding of the issue and offers a methodology for handling the problem. Read more.
North Korean APT Lazarus Targets Energy Sector in US, Canada, Japan
The North Korean hacking group known as Lazarus has turned its attention to a new sector, targeting energy providers in the United States, Canada, and Japan in a campaign that lasted between February and July 2022. Read more.
Emotet botnet now pushes Quantum and BlackCat ransomware
While monitoring the Emotet botnet’s current activity, security researchers found that the Quantum and BlackCat ransomware gangs are now using the malware to deploy their payloads. Read more.
Been hit by LockerGoga ransomware? A free fix is now out
Source: The Register
Software nasty used to cause hundreds of millions of dollars in damages, cops say. If you’ve been hit by the LockerGoga ransomware, an international law enforcement effort has publicly released a tool to fix the problem. Read more.
EDR vs MDR vs XDR – What’s the Difference?
Source: Malwarebytes Labs
Cyberattacks are rapidly evolving, leaving businesses and their IT security teams to handle immense workloads. EDR, MDR, and XDR can alleviate challenges most small business cybersecurity teams face, such as alert fatigue and limited resources. Read more.
Researchers unearth hacking group that’s been active, yet undetected for years
During a recent investigation of a series of cyber intrusions into an unnamed high-value target, threat intelligence researchers with SentinelOne’s SentinelLabs team discovered nearly 10 hacking groups associated with China and Iran. Read more.
Ransomware data theft tool may show a shift in extortion tactics
Data exfiltration malware known as Exmatter and previously linked with the BlackMatter ransomware group is now being upgraded with data corruption functionality that may indicate a new tactic that ransomware affiliates might switch to in the future. Read more.