In today's rapidly evolving digital world, cyber threats are becoming increasingly sophisticated. An incident response plan is no longer optional but a fundamental necessity. Many organizations rely on Managed Security Service Providers (MSSPs) to secure their operations, but it's important to recognize that outside expertise alone is not enough to eliminate all gaps in incident response.
Edge infrastructure, such as internet-exposed firewalls, routers and VPN gateways, is a common initial access target for cybercrime and espionage actors, since these appliances are challenging to defend. According to the vulnerability discovery service LeakIX, as many as 30 thousand internet-exposed Cisco devices may already have been compromised...
Today many businesses rely on virtualization technology to run and scale their infrastructure. One of the most popular hypervisor systems on the market is VMware ESXi, which has been regularly targeted in ransomware attacks for the last 3+ years to increase damage to the victim's IT systems.
In order to minimize monetary and reputational damage in the event of a successful IT security attack, immediate and correct response measures, a comprehensive overview of the extent of the cyber attack, and a full clarification of the incident are indispensable.
According to MalwareBazaar, samples have been distributed since around mid-January. The final payload is a .NET RAT, which allows the attacker to send commands to the infected system.
To protect one's own company against phishing, awareness must first and foremost be created among employees. This can be done through workshops, phishing simulations or company policies.