Over the past two weeks, we saw that AvosLocker is a relatively new ransomware-as-a-service. The Sophos Rapid Response team has so far seen AvosLocker attacks in the Americas, Middle East, and Asia-Pacific, targeting Windows and Linux systems. We also saw the dirty dozen of Latin America: from Amavaldo to Zumanek.
For more articles, check out our #onpatrol4malware blog.
2022 Cybersecurity Predictions
2021 was the year businesses continued to adapt to new working patterns and digital transformation, and to battle the increasing threats from ransomware attacks. Here, our panel of security experts shares their predictions for the key security challenges to look out for in 2022. Read more.
AvosLocker Ransomware Uses AnyDesk in Safe Mode to Launch Attacks, Sophos Reports
AvosLocker is a relatively new ransomware-as-a-service. The Sophos Rapid Response team has so far seen AvosLocker attacks in the Americas, Middle East, and Asia-Pacific, targeting Windows and Linux systems. Read more.
A Deep Dive into DoubleFeature, Equation Group’s Post-Exploitation Dashboard
Source: Check Point
Check Point published the story of “Jian” — an exploit used by Chinese threat actor APT31 which was “heavily inspired by” an almost-identical exploit used by the Equation Group, made publicly known by the Shadow Brokers leak. Read more.
APT37 targets journalists with Chinotto multi-platform malware
Source: Bleeping Computer
North Korean state hacking group APT37 targets South Korean journalists, defectors, and human rights activists with watering hole, spear-phishing, and smishing attacks that deliver malware dubbed Chinotto, capable of infecting Windows and Android. Read more.
A Deep Dive Into SoWaT: APT31’s Multifunctional Router Implant
APT31 is targeting various types of entities of interest to the Chinese government. Notably, the group has been the subject of several governmental attribution statements, including from Germany, France, Norway, and Australia. Read more.
Source: Security Affairs