Hackers abuse Avast anti-rootkit driver to disable defenses

November 23, 2024 at 04:12PM

A new malware campaign leverages an outdated Avast Anti-Rootkit driver to disable security components and evade detection. By targeting processes from various security vendors, the malware can operate undetected. Researchers recommend using signature-based rules and Microsoft’s vulnerable driver blocklist to mitigate such risks.

### Meeting Takeaways:

1. **Emerging Malware Threat**: …

ViperSoftX variant spotted abusing .NET runtime to disguise data theft

July 10, 2024 at 02:28AM

The ViperSoftX malware, identified in 2020, has now evolved to use .NET CLR to obfuscate its PowerShell commands, concealing them in AutoIt-generated scripts. This sophisticated malware targets professionals by infiltrating pirated eBooks and aims to steal system information and cryptocurrency. Trellix’s report provides detection details for this new variant. Key …

CISA Issues Emergency Directive After Midnight Blizzard Microsoft Hits

April 12, 2024 at 02:25PM

CISA issued an emergency directive in response to a Russian cyber threat targeting Microsoft email accounts. The group, known as Midnight Blizzard, is exfiltrating information and has already affected several companies. The directive requires federal agencies to investigate, reset compromised credentials, and secure privileged accounts. All organizations are urged to …

RansomHouse gang automates VMware ESXi attacks with new MrAgent tool

February 15, 2024 at 01:57PM

RansomHouse’s new tool ‘MrAgent’ automates deploying its data encrypter across multiple VMware ESXi hypervisors. This ransomware targeting large organizations maximizes impact by compromising critical applications and services. Custom configurations include scheduling an encryption event and altering the hypervisor’s monitor message. The tool’s adaptation for Windows systems demonstrates intent to extend …