RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks

June 5, 2024 at 05:35PM

RansomHub ransomware recently exploited the ZeroLogon flaw in Windows Netlogon Remote Protocol (CVE-2020-1472) for initial access. Symantec identified the use of Atera, Splashtop, and NetScan tools. Organizations are advised to patch the vulnerability. RansomHub, a ransomware-as-a-service, has impacted numerous organizations. It shares extensive code overlaps with the Knight ransomware, likely …

Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

March 25, 2024 at 04:39AM

Iran-affiliated threat actor MuddyWater launches a new phishing campaign targeting Israeli entities. They aim to deliver a Remote Monitoring and Management solution called Atera through malicious links in emails and PDF attachments. Another Iranian group, Lord Nemesis, breaches a software services provider, leading to a software supply chain attack on …