Silence is golden partner for Truebot and Clop ransomware

Categories: News

Categories: Ransomware

Tags: Silence

Tags: TA505

Tags: Clop ransomware

Tags: Truebot

Tags: Grace

Tags: Cobalt Strike

Tags: Teleport

Tags: FIN11

Researchers have identified two new Truebot botnets that are using new versions of the Truebot downloader Trojan to infiltrate and explore a target’s network.

(Read more…)

The post Silence is golden partner for Truebot and Clop ransomware appeared first on Malwarebytes Labs.

Read more

Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign

Credit to Author: Threat Intelligence Team| Date: Wed, 13 Jul 2022 16:17:09 +0000

While the war in Ukraine still rages, various threat actors continue to launch cyber attacks against its government entities. In this blog we review the latest campaign from the UAC-0056 threat group.

The post Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign appeared first on Malwarebytes Labs.

Read more

Karakurt extortion group: Threat profile

Credit to Author: Jovi Umawing| Date: Tue, 14 Jun 2022 16:00:29 +0000

An obscure group called Karakurt has extorted organizations in the US and elsewhere. Know how to keep it away from your network.

The post Karakurt extortion group: Threat profile appeared first on Malwarebytes Labs.

Read more

The Active Adversary Playbook 2022

Credit to Author: Tilly Travers| Date: Tue, 07 Jun 2022 11:02:43 +0000

Cyberattacker behaviors, tactics and tools seen on the frontline of incident response during 2021

Read more

[updated]Unpatched Atlassian Confluence vulnerability is actively exploited

Credit to Author: Pieter Arntz| Date: Fri, 03 Jun 2022 14:41:58 +0000

A vulnerability in Atlassian Confluence was found by performing an incident response investigation on a compromised server. The vulnerability is not yet patched.

The post [updated]Unpatched Atlassian Confluence vulnerability is actively exploited appeared first on Malwarebytes Labs.

Read more

Unpatched Atlassian Confluence vulnerability is actively exploited

Credit to Author: Pieter Arntz| Date: Fri, 03 Jun 2022 14:41:58 +0000

A vulnerability in Atlassian Confluence was found by performing an incident response investigation on a compromised server. The vulnerability is not yet patched.

The post Unpatched Atlassian Confluence vulnerability is actively exploited appeared first on Malwarebytes Labs.

Read more