threat research – Page 14 – PossibleThreat Articles

Akira Ransomware is “bringin’ 1988 back”

May 11, 2023 0 Comments akira, featured, Incident Response, Ransomware, security operations, sophos xdr, threat research

Credit to Author: gallagherseanm| Date: Tue, 09 May 2023 20:27:03 +0000

A new recently observed ransomware family dubbed Akira uses a retro aesthetic on their victim site very reminiscent of the 1980s green screen consoles and possibly takes its namesake from the popular 1988 anime film of the same name.

Security Sophos

May’s Patch Tuesday haul touches a six-pack of product families

May 11, 2023 0 Comments av1, blacklotus, bootkit, cve-2023-24881, cve-2023-24932, cve-2023-24941, cve-2023-29325, cve-2023-29340, Microsoft Office, Microsoft Windows, Patch Tuesday, secure boot, sharepoint, teams, threat research, uefi

Credit to Author: Angela Gunn| Date: Tue, 09 May 2023 19:27:52 +0000

A relatively light month by the numbers, but several patches require extra effort to deploy

Security Sophos

A doubled “Dragon Breath” adds new air to DLL sideloading attacks

May 3, 2023 0 Comments dll sideloading, featured, sophos x-ops, threat research

Credit to Author: Gabor Szappanos| Date: Wed, 03 May 2023 10:00:12 +0000

Exploits of the venerable vulnerability gain in complexity

Security Sophos

Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders

April 25, 2023 0 Comments active adversary playbook, coinminer, conti, data breach, exfiltration, extortion, featured, Incident Response, loader, lockbit, Ransomware, sophos x-ops, threat research, web shells

Credit to Author: Angela Gunn| Date: Tue, 25 Apr 2023 10:00:03 +0000

A deep dive into over 150 incident-response cases reveals both attackers and defenders picking up the pace

Security Sophos

‘AuKill’ EDR killer malware abuses Process Explorer driver

April 19, 2023 0 Comments active adversary, active adversary playbook, anti-edr, aukill, backstab, EDR, edr killer, featured, malware, process explorer, procexp, sophos x-ops, targeted attacks, threat research

Credit to Author: Andrew Brandt| Date: Wed, 19 Apr 2023 10:00:43 +0000

Driver based attacks against security products are on the rise

Security Sophos

Tax firms targeted by precision malware attacks

April 13, 2023 0 Comments featured, guloader, irs, malware, remcos, threat research

Credit to Author: Andrew Brandt| Date: Thu, 13 Apr 2023 10:00:55 +0000

CPAs and accountants received solicitations for tax filing business that were just a social engineering ploy

Security Sophos

Tax-time smishing campaign targets Indian account holders

April 12, 2023 0 Comments featured, finance and banking, india, smishing, threat research

Credit to Author: Jagadeesh Chandraiah| Date: Wed, 12 Apr 2023 20:44:10 +0000

The end of the fiscal year is already hectic enough, but would-be scammers just don’t care whom they affect

Security Sophos

April showers Windows updates on sysadmins

April 11, 2023 0 Comments cve-2023-21554, cve-2023-28231, cve-2023-28250, cve-2023-28252, featured, l2tp, office, Patch Tuesday, pcl5, postscript, signed drivers, threat research, Windows

Credit to Author: Angela Gunn| Date: Tue, 11 Apr 2023 18:34:37 +0000

A 98-CVE Patch Tuesday marks another big haul for the OS

Security Sophos

Update 2: 3CX users under DLL-sideloading attack: What you need to know

April 1, 2023 0 Comments 3cx, dll sideloading, featured, ffmpeg.dll, ioc hunting, threat research

Credit to Author: Greg Iddon| Date: Thu, 30 Mar 2023 01:39:11 +0000

A Trojanized version of the popular VOIP/PBX software is in the news; here’s what hunters and defenders are doing

Security Sophos

Updated: 3CX users under DLL-sideloading attack: What you need to know

March 30, 2023 0 Comments 3cx, dll sideloading, featured, ffmpeg.dll, ioc hunting, threat research

Credit to Author: Greg Iddon| Date: Thu, 30 Mar 2023 01:39:11 +0000

A Trojanized version of the popular VOIP/PBX software is in the news; here’s what hunters and defenders are doing