Attackers deploying the Noberus (aka BlackCat, ALPHV) ransomware have been using new tactics, tools, and procedures (TTPs) in recent months, making the threat more dangerous than ever. Among the more notable developments are the use of a new version of the Exmatter data exfiltration tool and the use of Eamfo, information-stealing malware designed to steal credentials stored by Veeam backup software.
ADVERSARY: FIN7
INDUSTRIES: Banking, Hospitality, Retail
MALWARE FAMILIES: Noberus, BlackMatter, Eamfo
ATT&CK IDS: T1014 - Rootkit, T1566 - Phishing, T1081 - Credentials in Files, T1011 - Exfiltration Over Other Network Medium, T1022 - Data Encrypted