Ransomware cyber

Malwarebytes

Sep 12, 2024 1 min read
Malwarebytes

Malwarebytes' security systems faced an attack by the RansomHub ransomware gang, who leveraged Kaspersky's TDSSKiller tool to disable endpoint detection and response (EDR) services. This tactic, directed at the Malwarebytes Anti-Malware Service, was part of the attackers' strategy to undermine defense mechanisms and facilitate ransomware deployment. Additionally, the LaZagne tool was used for extracting and likely exfiltrating credentials. While the extent of the breach has not been publicized, the usage of legitimate tools allowed the attackers to bypass security measures, indicating a sophisticated approach and underscoring the challenges organizations face in protecting against such illicit activities by ransomware operators.

Source: https://securityaffairs.com/168296/malware/ransomhub-ransomware-tdskiller-disable-edr.html

"id": "mal000091224",
"linkid": "malwarebytes",
"type": "Ransomware",
"date": "9/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
Published by
Jeremy C
Jeremy C
You might also like
Ransomware cyber

Comcast

public 1 min read
Comcast was affected by a data breach at Financial Business and Consumer Solutions (FBCS), a third-party agency providing collection-related services.…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.