Positive Technologies has identified a new threat actor, "ChamelGang," an APT targeting the fuel, energy, and aviation sectors. The company's announcement focuses on attacks against Russian organizations, but it also notes that the United States, India, Nepal, Taiwan, and Japan have been hit as well. Comparable organizations in the UK are also believed to be vulnerable. The researchers have not yet attributed ChamelGang to any particular nation-state. The APT operates by "exploiting ProxyShell vulnerabilities in attacks to infect Microsoft Exchange."

RansomEXX, a new entrant into the ransomware-as-a-service criminal-to-criminal market, apparently has some quality control issues: their decryptor, Profero reports, doesn't work reliably. It leaves many encrypted files damaged beyond immediate recovery. Many files can be recovered with additional work, but the criminals' decryptor won't help.

SecureWorks has reported a brute-force vulnerability in Azure Active Directory. Microsoft, after some initial resistance to accepting that the researchers' findings and proof-of-concept represented an actual security flaw, now intends to issue a mitigation for the vulnerability, GovInfoSecurity writes. Ars Technica summarizes what users can do in the meantime.