TechNadu is sharing images from a reported Babuk cyberattack on Japanese Power Tool Maker Yamabiko (who has not yet issued a statement on the attack). The threat actors claim to have stolen 0.5 TB of sensitive data and are already leaking out some of the documents. An expert from Blue Hexagon offers comments.
Experts Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
Due to the deluge of new CVEs this year, attackers have now started attacking company infrastructure as an entry rather than the usual first vectors of phishing users, finding leaked credentials or open RDP. For example, a new zero-day CVE-2021-22893 was used along with old bugs in Pulse Secure VPNs by state-sponsored attackers to compromise several government agencies and corporations with 12 malware strains. It appears that in this attack as well, attackers may have used VPN as an entry point
.....Read MoreDue to the deluge of new CVEs this year, attackers have now started attacking company infrastructure as an entry rather than the usual first vectors of phishing users, finding leaked credentials or open RDP. For example, a new zero-day CVE-2021-22893 was used along with old bugs in Pulse Secure VPNs by state-sponsored attackers to compromise several government agencies and corporations with 12 malware strains. It appears that in this attack as well, attackers may have used VPN as an entry point to gain a foothold. Such infection methods circumvent prevention-based perimeter defense like firewalls and necessitate the use of network detection and response to find attack traces that signature-based technologies miss.
Read LessLinkedin Message
@Saumitra Das, CTO and Co-founder, provides expert commentary at @Information Security Buzz.
"It appears that in this attack as well, attackers may have used VPN as an entry point to gain a foothold...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/babuk-claims-yamabiko-cyberattack
Facebook Message
@Saumitra Das, CTO and Co-founder, provides expert commentary at @Information Security Buzz.
"It appears that in this attack as well, attackers may have used VPN as an entry point to gain a foothold...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/babuk-claims-yamabiko-cyberattack