Today many businesses rely on virtualization technology to run and scale their infrastructure. One of the most popular Hypervisor systems on the market is VMware ESXi, which is regularly targeted in Ransomware attacks for the last 3+ years to increase damage to the victims IT systems.
Hide your Hypervisor: Analysis of ESXiArgs Ransomware
In order to minimize monetary and reputational damage in the event of a successful IT security attack, immediate and correct response measures, a comprehensive overview of the extent of the cyber attack, and a full clarification of the incident are indispensable.
We will first begin at the entry point of this RAT and analyze its executed code before we jump into all possible modules this RAT possesses.
According to Malware Bazaar, samples have been distributed since around mid-January. The final payload is a .NET RAT, which allows the attacker to send commands to the infected system.
This article is intended to provide a deeper insight into the important topic of reporting obligations in the event of an IT security incident.
In order to protect one’s own company against phishing, awareness must first and foremost be created among employees. This can be done through workshops, phishing simulation or company policies.
Incident Response Process Models using the Example of the Federal Office for Information Security (BSI)
BSI has set up a model that divides the procedure into 6 different phases, which is very finely granulated compared to other models.
In order to shed some light on the subject, we would like to look at a few facts and figures about ransomware as well as a typical course of attack.
That a compromised mailbox is an extremely unpleasant situation is something everyone should be able to imagine. In a recent case we have investigated, attackers have been particularly clever.
In this article, we will look at artifacts that should always be collected during an incident on a Windows-based system to get the best possible picture of what happened.