Short Summary:

The article discusses various tools and techniques used by attackers in the context of ransomware operations. It categorizes these tools into four main areas: Living off the Land, Impairing Defenses, Remote Desktop/Remote Admin, and Data Exfiltration. The article also highlights the growing robustness of the ransomware ecosystem and suggests visiting the Symantec Protection Bulletin for the latest protection updates.…

Short Summary:

The article emphasizes the critical need for mobile security, highlighting the risks associated with unencrypted data transmission in various apps. It discusses specific apps that expose sensitive user information and offers best practices for developers to enhance security and protect user data.

Key Points:

Mobile security is increasingly important in a digital world.…

Short Summary:

A new backdoor known as Backdoor.Msupedge has been discovered, targeting a university in Taiwan. This backdoor employs DNS tunneling to communicate with its command-and-control server, utilizing a unique technique that is not commonly seen. It is installed as a dynamic link library (DLL) and can execute various commands based on the resolved IP address from the C&C server.…

Short Summary:

The article discusses the increasing trend of threat actors utilizing legitimate cloud services for their attacks, highlighting various espionage operations and malware tools that exploit these services. Notable tools mentioned include GoGra, Grager, and MoonTag, which leverage Microsoft Graph API for command-and-control operations. The article emphasizes the need for organizations to monitor and protect against these evolving threats.…

Rclone: Open-source tool that can legitimately be used to manage content in the cloud, but has been seen being abused by ransomware actors to exfiltrate data from victim machines. For an example of how Rclone may be used, see case study below.

AnyDesk: A legitimate remote desktop application. By installing it, attackers can obtain remote access to computers on a network. Malicious…
