TechNadu is sharing images from a reported Babuk cyberattack on Japanese power tool maker Yamabiko, which has not yet issued a statement on the attack. The threat actors claim to have stolen 0.5 TB of sensitive data and are already leaking some of the documents. An expert from Blue Hexagon offers comments.

Expert Comments

May 11, 2021
Saumitra Das
CTO and Co-founder
Blue Hexagon

Due to the deluge of new CVEs this year, attackers have now started attacking company infrastructure as an entry rather than the usual first vectors of phishing users, finding leaked credentials or open RDP. For example, a new zero-day CVE-2021-22893 was used along with old bugs in Pulse Secure VPNs by state-sponsored attackers to compromise several government agencies and corporations with 12 malware strains. It appears that in this attack as well, attackers may have used VPN as an entry point to gain a foothold. Such infection methods circumvent prevention-based perimeter defense like firewalls and necessitate the use of network detection and response to find attack traces that signature-based technologies miss.
