Palo Alto Networks Unit 42 cybersecurity experts: Malware authors used a browser extension as their final payload. It serves as adware and an infostealer.
Palo Alto Networks cybersecurity experts: The malware uses AES-256 and RSA-2048 to encrypt files, and the ransom note includes 2 email addresses to contact for payment.
Palo Alto Networks cyber security experts: The malicious code exploits multiple vulnerabilities to spread. In addition, it can steal info, launch DDoS attacks and perform cryptojacking.
Palo Alto Networks cyber security experts identified a Hub account, azurenql, that was hosting six malicious images intended to mine cryptocurrency. They have been pulled more than two million times.
Palo Alto Networks cyber security experts: Over 300 coronavirus-themed malicious code samples communicated with 20 unique IP addresses and domain indicators of compromise (IOCs).
Palo Alto Networks cyber security experts: The average daily registration of malicious URLs rose by 569%. They include domains hosting malware, phishing sites, malvertising, cryptomining, and black hat SEO.
Palo Alto cyber security experts: The APT exploited a recently patched remote code execution vulnerability to upload a variety of tools, from Mimikatz to HyperBro.
Palo Alto cyber security experts: The group now has over 400 individual actors and targets all industries with BEC schemes, leveraging malware, in particular information stealers and RATs.
Palo Alto cyber security experts: The malware in particular hit Wireless Presentation & Display Systems. Cybercrime IoT/Linux botnets continue to expand their attack surface.