FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file.
The attacker uses a multi-stage malware strategy to deliver the notorious “Cobalt Strike” payload and establish communication with a command and control (C2) server. This attack employs various evasion techniques to ensure successful payload delivery. Over the past few years, Ukraine has been a significant target due to its geopolitical situation. The history of these attacks reveals a pattern of increasing complexity and frequency, particularly during periods of geopolitical tension.
Read more…
Source: Fortinet
Related:
- Ferrari reports cyber incident with ransom demand; no impact to operations
March 20, 2023
Italian luxury sports car maker Ferrari SpA said on Monday that a hacker recently demanded ransom from the company related to certain client contact details, adding that the breach had no impact on the company’s operations. Ferrari said it notified its customers of the potential data exposure and the nature of the incident. Read more… Source: Yahoo! News
- Wymondham College hit by sophisticated cyber attack
March 14, 2023
Wymondham College said disruption was likely to continue until the Easter holidays due to its IT system being targeted. In a message sent to students, seen by the EDP, the college apologised for disruption but said it believed there had been no data breach. Read more… Source: Wymondham Evening News
- Cyprus: Land registry website problems due to ‘cyber attack’
March 12, 2023
After a “thorough evaluation of all data”, the land registry department on Sunday said the technical problem that saw it go offline since Wednesday was due to a “cyber attack” The department said that due to the nature of the problem and the size of the systems, they will be gradually restored, starting with the restoration ...
- “Massive” cyber attack crashes African Union’s system
March 11, 2023
Cyber attackers prey on the African Union (AU), resulting in the unscheduled suspension of its systems. The Reporter got a copy of an internal memo that said an attack on the AU data center started last week, making services and applications unavailable. Sources say that more than 200 corrupted devices have been found and are being ...
- Dish Network confirms network outage was a cybersecurity breach
February 28, 2023
Dish Network, one of the largest television providers in the United States, confirmed on Tuesday that a previously disclosed “network outage” was the result of a cybersecurity breach that affected the company’s internal communications systems and customer-facing support sites. Shares dropped over 6% on the news and a double-downgrade from Bank of America. Read more… Source: CNBC News
- “Major” cyberattack compromised sensitive U.S. Marshals Service data
February 28, 2023
The U.S. Marshals Service is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations. The cyberattack was considered a “major incident” by officials, impacting a “stand-alone” system (meaning it is not connected to a larger ...