home.social

#mallox — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #mallox, aggregated by home.social.

  1. The Good, the Bad and the Ugly in Cybersecurity - Week 43

    CISA proposes new security measures to protect sensitive data from adversary nations, following President Biden's Executive Order. A free file recovery tool for early Mallox ransomware victims is released. A novel macOS ransomware, macOS.NotLockBit, is discovered abusing AWS S3 for data exfiltration. A critical Fortinet zero-day vulnerability (CVE-2024-47575) has been exploited in-the-wild since June, potentially affecting over 50 servers. Fortinet has released a patch and provided mitigation strategies for affected customers.

    Pulse ID: 671c046cff58f8a468fe3e47
    Pulse Link: otx.alienvault.com/pulse/671c0
    Pulse Author: AlienVault
    Created: 2024-10-25 20:49:48

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #AWS #CISA #CyberSecurity #InfoSec #LockBit #Mac #MacOS #Mallox #OTX #OpenThreatExchange #RAT #RansomWare #Vulnerability #ZeroDay #bot #AlienVault

  2. SOCRadar provides a threat actor profile for Mallox Ransomware group. Mallox Ransomware, aka TargetCompany, Tohnichi, and Fargo, is a ransomware group active since mid-2021 using multi-extortion tactics. Their initial infection vector includes exploiting CVE-2019-1068 (8.8 high, disclosed 15 July 2019 by Microsoft, SQL Server RCE) and CVE-2020-0618 (8.8 high, disclosed 11 February 2020 by Microsoft, SQL Server Reporting Services RCE), brute force attacks against internet facing applications, and phishing emails with attachments. SOCRadar provides a description of other TTPs, mapped to MITRE ATT&CK. IOC provided with dates. 🔗 socradar.io/dark-web-profile-m

    #Mallox #Ransomware #threatintel #IOC

  3. SOCRadar provides a threat actor profile for Mallox Ransomware group. Mallox Ransomware, aka TargetCompany, Tohnichi, and Fargo, is a ransomware group active since mid-2021 using multi-extortion tactics. Their initial infection vector includes exploiting CVE-2019-1068 (8.8 high, disclosed 15 July 2019 by Microsoft, SQL Server RCE) and CVE-2020-0618 (8.8 high, disclosed 11 February 2020 by Microsoft, SQL Server Reporting Services RCE), brute force attacks against internet facing applications, and phishing emails with attachments. SOCRadar provides a description of other TTPs, mapped to MITRE ATT&CK. IOC provided with dates. 🔗 socradar.io/dark-web-profile-m

    #Mallox #Ransomware #threatintel #IOC