https://www.infosecnews.org/new-zealand-cert-issues-advisory-on-ransomware-campaign/
By William Knowles
Senior Editor
InfoSec News
June 18, 2020
The New Zealand Computer Emergency Response Team (CERT NZ) has released an
advisory on a ransomware campaign leveraging remote access technologies.
Unknown malicious cyber bad actors are targeting organizations’ networks
through remote access tools, such as Remote Desktop Protocol and virtual
private networks, to exploit unpatched vulnerabilities and weak
authentication.
After gaining access, these cyber bad actors use various tools including
mimikatz, PsExec, Cobalt Strike, and Nefilim ransomware for privilege
escalation, lateral movement, persistence, and data exfiltration and
encryption. The issue cannot be resolved by simply restoring data from
backup due to the level of access gained before deploying ransomware.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
