A sophisticated ransomware attack exploited a critical Atlassian Confluence vulnerability (CVE-2023-22527) to deploy LockBit Black ransomware within two hours. The attackers used credential theft, lateral movement over RDP, and legitimate tools such as PDQ Deploy to distribute the ransomware. They executed commands, disabled defenses, exfiltrated data, and encrypted files, highlighting the urgent need for security measures and patching.

Chinese hackers evade ESET with MAVInject.exe
Chinese hacking group Earth Preta has been found using a novel technique that relies on a legitimate Microsoft tool, MAVInject.exe, to bypass antivirus software. The group’s malware