Valak Loader Revamped To Rob Microsoft Exchange Servers – Expert Comments

In response to reports that Valak malware has now changed to an information stealer that target Microsoft Exchange servers to steal enterprise mailing information, passwords and enterprise certificates, a cybersecurity expert offers comments.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
James McQuiggan
James McQuiggan , Security Awareness Advocate
InfoSec Expert
May 29, 2020 7:53 pm

Just like organizations providing a service or product, they are continually updating it to improve the technology or capabilities. Criminal groups are no different, as seen with Valak. In the past nine months, this malicious software has increased its functions to steal sensitive information and deploy additional malware.

Organizations need to be aware of the constant changes with criminal groups and incorporate threat intelligence into their cybersecurity programs. Having the technology to monitor for changes to the infrastructure or newly scheduled tasks to systems that may not need them can be one method to prevent further infection.

Ideally, having a robust security awareness and training program for employees to be aware of the phishing scams and remain vigilant towards attachments, especially ones requiring macros to be enabled, can further protect organizations from these types of attacks.

Last edited 2 years ago by James McQuiggan
1
0
Would love your thoughts, please comment.x
()
x