Several threat actors have recently used outdated Adobe software to exploit systems and deploy ransomware payloads, highlighting the ever-evolving tactics that they use to attack networks and deploy the ransomware payloads. It has been discovered that the attack took place during September and early October and was aimed at gaining access to Windows servers and releasing ransomware. However, it was a valuable learning experience, which served as a valuable learning opportunity despite the failure of the attack.
In order to uncover the attack, Sophos researchers examined the threat actor’s approach to the attack. The researchers discovered that the attacker intended to use leaked source code from the LockBit 3.0 ransomware family of a malware family known for its fast and effective execution.
Other campaigns have also repurposed different ransomware variants in order to create new variants of the virus.
Threat actors have always been interested in the servers as they are undoubtedly one of the most effective ways of attacking an organization, as they are one of the more efficient paths to penetrate it.
Generally, server-related accounts have the highest privilege levels in the network, making it easy for their administrators to easily move from one machine to another in the network.
There are a variety of threats being delivered to servers
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: