The Week In Review 01/03-05/03

Although attacks against vital organisations are not decreasing, this week has been dominated by malware and zero-day disclosures.

Qualys was attacked and endured a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files. These were released online on the Tor blog of the Clop criminal extortionists.

And while we see more and more companies being attacked and falling victim to ransomware, some vendors promise a ransomware-free cloud platform. This is the case with Nutanix, which has added several tools to its existing arsenal.

Meanwhile, Microsoft has disclosed four zero-day exploits that were used in the wild against its Exchange Server (Outlook Web Application). Without authenticating, the attackers can gain remote code execution, access email accounts, and install malware to facilitate long-term access to victim environments. The company urges its users to apply the patches it has released as soon as possible.

On the same topic, Chrome too has revealed a zero-day flaw, already the second this year. Google has fixed it and released a new version of the browser.

Additionally, you might have heard about Gootloader, the platform delivering malware (including ransomware) through fake discussion forums. Gootloader relies on a sophisticated technique that includes manipulating Search Engine Optimization (SEO), geo-targeting the potential victim, and social engineering: among the top results of their search, the victim is offered advice that perfectly matches the search terms used in their question. This of course leads the victim to an infected website containing malicious downloads. This kind of stealthy malware platform is not new, but this complex one is grabbing our attention because it delivers not only its own financial malware but all kinds of payloads, including REvil ransomware.

Regardless of how mature your business is in cybersecurity, Dionach can help you with developing IT Security strategies, implementing security policies and providing awareness training to your business and collaborators. See our Consultancy services for more information.

Read about all of this and more below:

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit
(thehackernews.com)

Qualys hit with ransomware: Customer invoices leaked on extortionists’ Tor blog.
(theregister.com)

Qualys Update on Accellion FTA Security Incident.
(qualys.com)

Cyber Criminals Exploit Accellion FTA for Data Theft and Extortion.
(fireeye.com)

Nutanix makes its Cloud Platform Ransomware free.
(cybersecurity-insiders.com)

HAFNIUM targeting Exchange Servers with 0-day exploits.
(microsoft.com)

New Chrome 0-day Bug Under Active Attacks – Update Your Browser ASAP!
(thehackernews.com)

Google fixes second actively exploited Chrome zero-day bug this year.
(bleepingcomputer.com)

Multi-payload Gootloader platform stealthily delivers malware and ransomware.
(helpnetsecurity.com)
