Conti Unpacked: Understanding Ransomware Development as a Response to Detection

CREATED 2 HOURS AGO by AlienVault, Public, TLP: White
SentinelOne Labs takes a look at Conti’s development over time and how it has evolved, comparing functionality across versions.
REFERENCE: https://assets.sentinelone.com/ransomware-enterprise/conti-ransomware-unpacked
TAGS: conti, ransomware
MALWARE FAMILY: Conti Ransomware
ATT&CK IDS: T1001 – Data Obfuscation, T1471 – Data Encrypted for Impact, T1407 – Download New Code at Runtime,…

PurpleFox botnet exploiting PrintNightmare in cryptocurrency mining campaign

CREATED 48 MINUTES AGO by AlienVault, Public, TLP: White
Twitter user @C0rk1_H assesses that the PurpleFox botnet has begun exploiting the PrintNightmare (CVE-2021-34527) vulnerability in a recent cryptocurrency mining campaign.
REFERENCE: https://twitter.com/C0rk1_H/status/1412801973628272641
TAGS: purplefox, printnightmare, cve-2021-34527
MALWARE FAMILY: win.purplefox