In response to reports that Valak malware has now changed to an information stealer that target Microsoft Exchange servers to steal enterprise mailing information, passwords and enterprise certificates, a cybersecurity expert offers comments.
In response to reports that Valak malware has now changed to an information stealer that target Microsoft Exchange servers to steal enterprise mailing information, passwords and enterprise certificates, a cybersecurity expert offers comments.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
Just like organizations providing a service or product, they are continually updating it to improve the technology or capabilities. Criminal groups are no different, as seen with Valak. In the past nine months, this malicious software has increased its functions to steal sensitive information and deploy additional malware.
Organizations need to be aware of the constant changes with criminal groups and incorporate threat intelligence into their cybersecurity programs. Having the technology to monitor for changes to the infrastructure or newly scheduled tasks to systems that may not need them can be one method to prevent further infection.
Ideally, having a robust security awareness and training program for employees to be aware of the phishing scams and remain vigilant towards attachments, especially ones requiring macros to be enabled, can further protect organizations from these types of attacks.