This report was originally published for our customers on 2 May 2024.
As part of our critical vulnerabilities monitoring routine, Sekoia’s Threat & Detection Research (TDR) team deploys and supervises …
While monitoring attacks targeting MS-SQL servers, AhnLab SEcurity intelligence Center (ASEC) recently identified cases of the TargetCompany ransomware group installing the Mallox ransomware. The TargetCompany ransomware group primarily targets improperly …
Mallox, a strain of ransomware and a group with the same name, encrypts its victims’ data and subsequently demands a ransom, typically in cryptocurrency, in return for providing the decryption key, …
Ransomware-as-a-Service (RaaS) is a cybercrime business model where operators maintain software, websites, infrastructure, and other features needed to conduct ransomware attacks. Affiliates of the RaaS …
The ransomware landscape is characterized by a heavy churn in both actor groups and malware families, with only a few players exhibiting relative longevity. Once feared threats such as REvil …
First observed in the middle of 2021, ‘Mallox’ Ransomware has emerged as a formidable threat in the cyber crime landscape. With its ability to encrypt all volumes, including local …
Executive Summary: Mallox (aka TargetCompany, FARGO and Tohnichi) is a ransomware strain that targets Microsoft (MS) Windows systems. It has been active …
The ransomware known as “TargetCompany,” which first appeared in June 2021, gained significant attention due to its unique method of appending the …
AhnLab Security Emergency response Center (ASEC) has recently discovered the Mallox ransomware with the BAT file extension being distributed to poorly managed MS-SQL servers. Extensions of files distributed to poorly …
AhnLab Security Emergency response Center (ASEC) has recently discovered the distribution of the Mallox ransomware during the team’s monitoring. As covered before, Mallox, which targets vulnerable MS-SQL servers, has historically …
“TargetCompany” is a type of ransomware that was first identified in June 2021. The researchers named it TargetCompany ransomware because it adds …
MS-SQL servers are one of the main attack vectors used when targeting Windows systems because they use simple passwords and are open publicly to the external Internet. Threat actors find …
In this blog entry, our researchers provide an analysis of TargetCompany ransomware’s Linux variant and how it targets VMware ESXi environments using new methods for payload delivery and execution.
Summary…
This week, the SonicWall Capture Labs threat research team analyzed a sample of Marsilia malware, also known as Mallox. This is a multi-stage sample that, when functional, will have a …
The next Olympic Games hosted in Paris will take place from 26 July to 11 August 2024, while the Paralympic Games will be carried out from …
The ASEC analysis team identified the circumstances of the Andariel group distributing malware via an attack using a certain asset management program. The Andariel group is known to be in …
Overview:
In our rapidly advancing technological landscape, cyber threat actors have grown increasingly sophisticated, employing intricate attack chains and malicious applications. They meticulously plan and …
T1190 – Exploit Public-Facing Application: Malware actors take advantage of vulnerable, unmanaged, or misconfigured database servers to gain a foothold on the victim’s network. Based on logs, it executes the …
AhnLab Security Emergency response Center (ASEC) has recently discovered the Trigona ransomware being installed on poorly managed MS-SQL servers. Trigona is a relatively recent ransomware that was first discovered in …
Our X-Ops teams – SophosLabs, SecOps (Sophos Managed Threat Response [MTR] and Sophos Rapid Response), and Sophos AI – operate in a virtuous Observe-Orient-Decide-Act loop, building on each team’s work …