Akira affiliates abuse legitimate Windows drivers to evade detection in SonicWall attacks

Threat Score:
47
CSO Online
4 days ago

Overview

Threat researchers at GuidePoint Security have uncovered Akira affiliates abusing legitimate Windows drivers in a previously unreported tactic, even as the ransomware strain intensifies its targeting of SonicWall firewalls. According to GuidePoint’s threat intelligence consultant Jason Baker, Akira attackers were found hijacking two common Windows drivers as kernel-level tools to evade antivirus and EDR systems. “We have observed Akira affiliates exploiting two common drivers as part of a suspec...

Related Articles

5 articles
1

Google confirms Salesforce CRM breach, faces extortion threat

Security Affairs 4 hours ago

Google disclosed a Salesforce Customer Relationship Management (CRM) breach exposing data of some prospective Google Ads customers. Google confirmed a breach in a Salesforce CRM instance affecting the data of prospective Google Ads customers. The website Databreaches.net reported that the attackers have sent an extortion demand to the Tech giant. Google Threat Intelligence Group confirmed that […]

Score
87
Read more
2

Google Hacked – Approx 2.5 Million Records of Google Ads Customer Data Leaked

GB Hackers 2 hours ago

Google Hacked – Approx 2.5 Million Records of Google Ads Customer Data Leaked Google has disclosed a significant data breach involving one of its corporate Salesforce instances, compromising customer data tied to its Google Ads platform. Google has not revealed the exact number of people impacted, but according to ShinyHunters,who spoke with Cyber Security News, the breach exposed around 2.5 million records (Approx). Whether some of these entries are duplicates is still unknown. The incident, de

Score
85
Read more
4

New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

The Hacker News 2 hours ago

A novel attack technique could be weaponized to rope thousands of public domain controllers (DCs) around the world to create a malicious botnet and use it to conduct power distributed denial-of-service (DDoS) attacks. The approach has been codenamed Win-DDoS by SafeBreach researchers Or Yair and Shahak Morag, whopresentedtheir findings at the DEF CON 33 security conference today. "As we explored the intricacies of the Windows LDAP client code, we discovered a significant flaw that allowed us to

Score
82
Read more
5

Hackers Found Backdoor in High-Security Safes—Opens in Seconds

Spybusters 6 hours ago

Security researchers found two techniques to crack at least eight brands of electronic safes—used to secure everything from guns to narcotics. James Rowley and Mark Omo got curious a scandal in the world of electronic safes... In the process, they'd find something far bigger: another form of backdoor intended to let authorized locksmiths open not just Liberty Safe devices, but the high-security Securam Prologic locks used in many of Liberty’s safes and those of at least seven other brands.  More

Score
76
Read more