CISA Publishes Analysis on New FiveHands Ransomware

  /     /     /  
Publicated : 23/11/2024   Category : security


CISA Publishes Analysis on New FiveHands Ransomware


Attackers used publicly available tools, FiveHands ransomware, and SombRAT to successfully target an organization, officials report.



Attackers used publicly available penetration testing and exploitation tools, the FiveHands ransomware, and the SombRAT remote access Trojan to steal information, obfuscate files, and demand ransom, officials report. They also used publicly available tools for network discovery and credential access.
The initial access vector in these attacks was a zero-day vulnerability in a virtual private network (VPN). In its recommendations to organizations, the CISA advises using multifactor authentication, particularly on all VPN connections, external-facing services, and privileged accounts. It also advises decommissioning unused VPN servers, which could be an entry point.
Analysis of the FiveHands ransomware is still ongoing; CISA plans to update its report as new information becomes available.
Read the full 
Analysis Report
 and 
Malware Analysis Report
 for more details.

Last News

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
CISA Publishes Analysis on New FiveHands Ransomware