A new ransomware strain called CACTUS has been observed at large commercial entities since March 2023, with attacks employing double extortion tactics to steal sensitive data prior to encryption.
Learn how to stop ransomware attacks in their tracks with real-time MFA and service account protection in this webinar.
Cybersecurity researchers have shed light on a new ransomware type called Cactus.
This ransomware uses exploits in VPN appliances to gain access to targeted networks.
Privilege escalation is followed by lateral movement, data exfiltration, and ransomware deployment.
The last step is achieved by means of a PowerShell script.
CACTUS attacks also utilize Cobalt Strike and a tunneling tool referred to as Chisel for command-and-control.
Remote Monitoring and Management Software like AnyDesk are used to push files to the infected hosts.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply