Lavi Lazarovitz, Head of Security Research at CyberArk Labs, commented on the wiper attack on Ukraine. The wiper malware, called HermeticWiper, was tracked by CyberArk Labs, which identified specific characteristics of the malware itself. Some elements, in fact, make the malware truly unique. Let’s see the details.
According to Lazarovitz: “Wiper distribution does not appear to exploit supply chain vulnerabilities or other super-spreading techniques.” As a result, the expert points out, the infection will not quickly spread to other geographic areas. According to CyberArk, the ransomware was distributed using Active Directory group policy. This means that the attackers had privileged access to AD.
Of note, Lazarovitz points out that, in the wiper attack against Ukraine, the malware seems to be configured to: “keep the domain running and allow the ransomware to use valid credentials to authenticate to servers and encrypt them”. This detail confirms that the attackers use compromised identities to access the network and/or to move laterally.
It should be noted that HermeticWiper is also considered a sensitive threat by the Italian Cybersecurity Agency. The attack that hit computer systems in Ukraine also raises concern about possible further attacks in the future. The war is now fought not only on traditional fronts but also in cyberspace.