Sunday, July 14, 2024
EHA

New Destructive Malware Targeting Government Agencies & Organizations

The cybersecurity researchers at Microsoft have recently reported that on the websites of some Ukrainian organizations and government agencies, hackers are constantly attacking with malicious software and malware.

It has been noted that the malicious software used looks like ransomware, but without a ransom mechanism. In short, it is used by the attackers to disrupt the affected systems only, not to demand any ransom payments.

While since January 13 Microsoft has recorded similar software and malware on dozens of systems. However, till now in the group that is behind these attacks, there is no substantial overlap between the unique characteristics has been detected.

But, Microsoft has confirmed that they are still continuing their investigation and tracking each activity.  

Affected organizations

Due to these attacks and malware, several organizations were affected and here they are:-

  • Government agencies that provide critical executive branch or emergency response functions.
  • An IT firm that operates websites for clients of both the public and private sectors.
  • Websites Government agencies.

Here’ what Microsoft stated:-

“We are aware of current geopolitical developments in Ukraine and other regions. But, we have also notified each of the impacted organizations we have identified so far, partnered with other cybersecurity providers to share what we know, and notified appropriate government agencies in the United States and elsewhere.”

But, Microsoft has already alerted all the affected organizations, and strongly recommended them to execute a brief investigation of the incident. As of now, there are no accusations or speculation have been confirmed about who is behind these attacks.

Moreover, after identifying this malware Microsoft has promptly deployed all the necessary protections into the following products:-

  • Microsoft 365 Defender Endpoint Detection (EDR)
  • Anti-virus (AV) protections

While so far there no such trace has been detected or reported about the exploitation of this vulnerability in the products and services of Microsoft.

Website

Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles