Babuk Claims Yamabiko Cyberattack

By ISBuzz Team
Writer, Information Security Buzz | May 11, 2021 07:07 am PST

TechNadu is sharing images from a reported Babuk cyberattack on Japanese power tool maker Yamabiko, which has not yet issued a statement on the attack. The threat actors claim to have stolen 0.5 TB of sensitive data and are already leaking some of the documents. An expert from Blue Hexagon offers comments.

Saumitra Das, CTO and Co-founder
May 11, 2021 3:09 pm

Due to the deluge of new CVEs this year, attackers have now started attacking company infrastructure as an entry rather than the usual first vectors of phishing users, finding leaked credentials or open RDP. For example, a new zero-day CVE-2021-22893 (https://nvd.nist.gov/vuln/detail/CVE-2021-22893) was used along with old bugs in Pulse Secure VPNs by state-sponsored attackers to compromise several government agencies and corporations with 12 malware strains. It appears that in this attack as well, attackers may have used VPN as an entry point to gain a foothold. Such infection methods circumvent prevention-based perimeter defense like firewalls and necessitate the use of network detection and response to find attack traces that signature-based technologies miss.
