Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

New Zealand CERT issues advisory on ransomware campaign

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 19 Jun 2020 08:13:07 +0000 (UTC)
https://www.infosecnews.org/new-zealand-cert-issues-advisory-on-ransomware-campaign/

By William Knowles
Senior Editor
InfoSec News
June 18, 2020
The New Zealand Computer Emergency Response Team (CERT NZ) has released an advisory on a ransomware campaign leveraging remote access technologies.
Unknown malicious cyber bad actors are targeting organizations’ networks through remote access tools, such as Remote Desktop Protocol and virtual private networks, to exploit unpatched vulnerabilities and weak authentication.
After gaining access, these cyber bad actors use various tools including mimikatz, PsExec, Cobalt Strike, and Nefilim ransomware for privilege escalation, lateral movement, persistence, and data exfiltration and encryption. The issue cannot be resolved by simply restoring data from backup due to the level of access gained before deploying ransomware. 

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: