NIST guide to help orgs recover from ransomware, other data integrity attacks

The National Institute of Standards and Technology (NIST) has published a cybersecurity practice guide enterprises can use to recover from data integrity attacks, i.e., destructive malware and ransomware attacks, malicious insider activity or simply mi… Continue reading NIST guide to help orgs recover from ransomware, other data integrity attacks

Malicious One-Liner Using Hastebin

Short scripts that deliver malware to a website are nothing new, but during a recent investigation we found a script using hastebin[.]com, which is a domain we see used infrequently. The script was found writing malicious contents into an image direct… Continue reading Malicious One-Liner Using Hastebin

OldGremlin Ransomware Group Bedevils Russian Orgs

The cybercriminal group has plagued firms with ransomware, sent via spear phishing emails with COVID-19 lures, since March. Continue reading OldGremlin Ransomware Group Bedevils Russian Orgs

[SANS ISC] Malicious Word Document with Dynamic Content

I published the following diary on isc.sans.edu: “Malicious Word Document with Dynamic Content“: Here is another malicious Word document that I spotted while hunting. “Another one?” may ask some of our readers. Indeed but malicious documents remain a very common infection vector and you learn a lot when you analyze

The post [SANS ISC] Malicious Word Document with Dynamic Content appeared first on /dev/random.

Continue reading [SANS ISC] Malicious Word Document with Dynamic Content