Paid adverts for popular business software such as Slack and Cisco AnyConnect are being used to lure corporate victims into downloading malware that in turn leads to ransomware deployment.
"Using Python libraries allows attackers to more easily blend into an organization's normal traffic patterns since they are so ubiquitous. Added obfuscation techniques further delay defenders from spotting malicious activity."
eSentire says it stopped the BlackCat ransomware attack before it unfolded, but the company has a special resentment for the group owing to its previous, 'despicable' methods.
#ALPHV/BlackCat ransomware #malvertising campaigns #Nitrogen malware #Python libraries #ransomware attacks
[
add
]
[
|
|
...
]