Microsoft spokesmen disclosed on 17 August 2023 that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. "The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware in target environments," the company's threat intelligence team said in a series of posts on X (formerly Twitter). "This Bla
noberus (3)
If you keep feeding the local stray cat, it will never go away. Like malware, if you don’t stomp it out, it keeps harassing you. The threat actors behind BlackCat ransomware have developed an improved variant that prioritizes speed and stealth to bypass security guardrails and achieve their ransom objectives. The new version, Sphynx, and announced in February 2023 and includes updated capabilities that strengthen the group's efforts to evade detection. The "product" update was first highligh
Activity Summary - Week Ending on 30 September 2022:
- Red Sky Alliance identified 31,149 connections from new IP’s checking in with our Sinkholes
- Hetzner in Bavaria Germany hit 28x
- Analysts identified 3,298 new IP addresses participating in various Botnets
- dotCMS Issues
- Meta to the Rescue
- Noberus, aka: BlackCat ALPHV
- Optus
- Industroyer
Link to full report: IR-22-274-001_weekly274.pdf