8 matches found
Iranian hackers used RDP to hit businesses with Dharma ransomware
By Waqas The hackers using Dharma ransomware are "far behind the level of sophistication of big-league Iranian APTs." This is a post from HackRead.com Read the original post: Iranian hackers used RDP to hit businesses with Dharma ransomware...
Iran-Linked 'Newbie' Hackers Spread Dharma Ransomware Via RDP Ports
A group of ‘script kiddies’ tied to Iran are targeting companies worldwide with internet-facing Remote Desktop Protocol RDP ports and weak credentials in order to infect them with Dharma ransomware. The Dharma malware also known as Crysis has been distributed as a ransomware-as-a-service RaaS mod...
Next-Gen Ransomware Packs a 'Human' Punch, Microsoft Warns
Researchers are warning that “human operated” ransomware campaigns are growing more sophisticated, adopting new infection tactics and lateral movement techniques that traditional defense teams aren’t equipped to handle. Researchers said that “auto-spreading” ransomware – like WannaCry and NotPety...
Threat spotlight: Phobos ransomware lives up to its name
Ransomware has struck dead on organizations since it became a mainstream tool in cybercriminals' belts years ago. From massive WannaCry outbreaks in 2017 to industry-focused attacks by Ryuk in 2019, ransomware's got its hooks in global businesses and shows no signs of stopping. That includes a...
A week in security (May 13 – 19)
Last week, Malwarebytes Labs reviewed active and unique exploit kits targeting consumers and businesses alike, reported about a flaw in WhatsApp used to target a human rights lawyer, and wrote about an important Microsoft patch that aimed to prevent a "WannaCry level" attack. We also profiled the...
A week in security (May 6 – 12)
Last week on Labs, we discussed what to do when you discover a data breach, how 5G could impact cybersecurity strategy, the top six takeaways for user privacy, vulnerabilities in financial mobile apps that put consumers and businesses at risk, and in our series about vital infrastructure, we...
Defeating Compiler-Level Obfuscations Used in APT10 Malware
Summary The Carbon Black Threat Analysis Unit TAU recently analyzed a series of malware samples that utilized compiler-level obfuscations. For example, opaque predicates were applied to Turla mosquito and APT10 ANEL. Another obfuscation, control flow flattening, was applied to APT10 ANEL and Dhar...
Keys for Dharma Ransomware Released
Victims of the Dharma strain of ransomware can now get their files back, free of charge. Decryption keys for the ransomware were added to the Kaspersky Lab’s Rakhni decryptor tool Thursday morning. Dharma ransomware .dharma decryptor released pic.twitter.com/sIQorypOzj — Anton Ivanov @antonivanov...