Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis

October 24, 2024 at 05:26AM
Attackers are employing layered strategies using multiple tools like web shells and VPN compromises to maintain access to networks. Trend Micro’s analysis highlights the need for strong logging, incident response planning, and robust security measures to identify and contain threats early, preventing severe consequences like ransomware deployment. …

New Fog ransomware targets US education sector via breached VPNs

June 6, 2024 at 02:34PM
In May 2024, the ransomware ‘Fog’ targeted U.S. educational organizations using compromised VPN credentials. Notably, it employs double-extortion tactics by stealing data. With access to internal networks, attackers conduct various malicious activities and deploy the ransomware, which appends specific extensions to encrypted files. Victims are directed to a Tor dark website …

‘Fog’ Ransomware Rolls in to Target Education, Recreation Sectors

June 4, 2024 at 04:05PM
A new ransomware group, “Fog,” has been conducting traditional attacks by locking up data in virtual environments for quick payouts. They utilize stolen VPN credentials, exploit vulnerabilities in VPN gateways, and employ tactics like credential stuffing and disabling Windows Defender. Fog targets US organizations, especially in the education sector, due …