Search Results

27 Results Found

Public

HC3 Analyst Note TLP White: PPE-Themed Phishing Campaign Exploits COVID Shortages to Spread Malware

A new phishing campaign is using COVID-19 personal protective equipment (PPE)-themed lures to spread Agent Tesla malware. This difficult-to-detect remote access Trojan (RAT) provides attackers with a dashboard to monitor the malware’s keylogging and information-stealing capabilities.

Public

HC3 Analyst Note TLP White: Thales Modules Vulnerability (CVE-2020-15858)

Researchers recently revealed information about a vulnerability affecting the electronic chips that enable mobile communication in millions of internet-connected devices.

Member

Analyst Note: Re-Emergence of Emotet Botnet Poses Threat to HPH Sector

The Emotet botnet, administered by the cybercrime group TA542, emerged from a five-month hiatus on July 13, 2020. Emotet, the number one malware of 2019, infects new devices by enticing victims to execute malicious macros embedded in Microsoft Word documents. Once infected, the devices may be afflicted with a number of different types of malware, including ransomware, leading many organizations to treat Emotet infections as ransomware attacks.

Member

Analyst Note: Meow Attack Is Wiping Internet-Exposed Databases

On 20 July, 2020, the first of what would become almost 4,000 unsecured and public-facing databases was completely destroyed. No explanation or ransom note was provided in what has been dubbed the ‘meow’ attacks. A number of recommendations on mitigating Meow attacks are available in the full report. HC3 analysts assess with high confidence that this attack poses a risk to Healthcare and Public Health (HPH) sector organizations, as many HPH databases are currently exposed to the Internet.

Public

HC3 Analyst Note TLP White: Critical Vulnerability in F5 Network Management/Security (BIG-IP) Tools

The information technology vendor F5 disclosed a significant vulnerability in its BIG-IP suite of tools which, when exploited, allows for remote code execution, ultimately leading to complete compromise of the host and the potential for further compromise of the network on which it sits.

Member

HC3 Analyst Note TLP Green: Thanos Ransomware Now Using RIPlace Anti-Ransomware Evasion Technique July 21, 2020

Thanos ransomware, first noted in January 2020, is unremarkable apart from the RIPlace anti-ransomware evasion technique that is available as one of its paid-for features.

Member

HC3 Analyst Note TLP Green: Re-Emergence of Emotet Botnet Poses Threat to HPH Sector, July 27, 2020

The Emotet botnet, administered by the cybercrime group TA542, emerged from a five-month hiatus on July 13, 2020.