* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Thursday, July 2, 2026
Earth-News
  • Home
  • Business
  • Entertainment

    How Investors Might Respond to PENN Entertainment’s Aurora Casino Launch and the Russell 2000 Shake-Up

    Discover La Jolla’s Unmissable Entertainment and Experiences: Your Ultimate Guide

    Seaport Entertainment GC Steps Into New Role as Strategic CEO Adviser

    PENN Entertainment to Reveal Second Quarter Results and Host Live Conference Call on August 6

    Get Ready for Dancing, Music, and Lobster Tales at the Opera House!

    Get Ready for the Next Big Things from PlayStation Studios!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology

    CrowdStrike Named Frost & Sullivan’s 2026 Global Enabling Technology Leader in Zero Trust Browser Security – Yahoo Finance

    Revolutionary AI Tool Set to Transform RNA Mapping, Challenging AlphaFold 3

    Essential Insights from Bosch’s BIS Settlement and DOJ Declination: What Every Company Using U.S. Technology Must Understand About the Foreign Direct Product Rule

    US Intensifies Trade Restrictions with Expanded Ban on Chinese Technology Imports

    How Cutting-Edge Technology and Knowledge Adoption Are Revolutionizing the Work Lives of Visually Impaired Employees

    Madison Parade of Homes Unveils Cutting-Edge Technology While Tackling Affordability Challenges

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment

    How Investors Might Respond to PENN Entertainment’s Aurora Casino Launch and the Russell 2000 Shake-Up

    Discover La Jolla’s Unmissable Entertainment and Experiences: Your Ultimate Guide

    Seaport Entertainment GC Steps Into New Role as Strategic CEO Adviser

    PENN Entertainment to Reveal Second Quarter Results and Host Live Conference Call on August 6

    Get Ready for Dancing, Music, and Lobster Tales at the Opera House!

    Get Ready for the Next Big Things from PlayStation Studios!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology

    CrowdStrike Named Frost & Sullivan’s 2026 Global Enabling Technology Leader in Zero Trust Browser Security – Yahoo Finance

    Revolutionary AI Tool Set to Transform RNA Mapping, Challenging AlphaFold 3

    Essential Insights from Bosch’s BIS Settlement and DOJ Declination: What Every Company Using U.S. Technology Must Understand About the Foreign Direct Product Rule

    US Intensifies Trade Restrictions with Expanded Ban on Chinese Technology Imports

    How Cutting-Edge Technology and Knowledge Adoption Are Revolutionizing the Work Lives of Visually Impaired Employees

    Madison Parade of Homes Unveils Cutting-Edge Technology While Tackling Affordability Challenges

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Business

A Disturbing Trend in Ransomware Attacks: Legitimate Software Abuse

July 21, 2023
in Business
A Disturbing Trend in Ransomware Attacks: Legitimate Software Abuse
Share on FacebookShare on Twitter

When discussing ransomware groups, too often the focus is on their names, such as Noberus, Royal or AvosLocker, rather than the tactics, techniques, and procedures (TTPs) used in an attack before ransomware is deployed. For example, the particularly heavy use of legitimate software tools in ransomware attack chains has been notable in recent times. In fact, we rarely see a ransomware attack that doesn’t use legitimate software.

Staying Under the Radar: Why Abuse Is Rampant

Ransomware attacks remain a major cybersecurity problem. Ransomware actors, like threat actors in general, are abusing legitimate software for a number of reasons. First is a desire for stealthiness — they’re trying to get into and out of networks as quickly as possible without being discovered. Leveraging legitimate software can allow attackers’ activity to remain hidden, which may allow them to achieve their goals on a victim network without being discovered. Legitimate software misuse also can make attribution of an attack more difficult, and these tools can also lower barriers to entry. This means less-skilled hackers may still be able to conduct quite wide-ranging and disruptive attacks.

The legitimate tools we most commonly see being used by malicious actors are remote monitoring and management (RMM) tools, such as AnyDesk, Atera, TeamViewer, ConnectWise, and more. In fact, the use of RMM software by malicious actors was considered serious enough for the Cybersecurity and Infrastructure Security Agency (CISA) to issue an alert about this kind of. As recently as February this year, the Symantec Threat Hunter team saw ConnectWise used in both Noberus and Royal ransomware attacks. These tools are commonly used legitimately by IT departments in small, midsize, and large organizations.

Rclone, a legitimate tool for managing content in the cloud, was also used in a Noberus attack recently. In this particular case, attackers used Rclone to exfiltrate files because their earlier attempt to exfiltrate data, using their own custom ExMatter tool, had failed because it was blocked by security software.

AdFind, a legitimate free command-line query tool that can be used for gathering information from Active Directory, is also frequently used by ransomware attackers, who use it to map a network. PDQ Deploy, a tool that sysadmins use to apply patches, is also often abused by attackers, who use it to drop scripts onto victim networks quite efficiently. It’s not just legitimate tools that are used for malicious purposes by ransomware actors. For example, multiple state-sponsored groups have used legitimate cloud infrastructure such as Google Drive, Dropbox, OneDrive, and others for command-and-control (C&C) infrastructure and to exfiltrate and store stolen data.

Stay Vigilant

Attacks that leverage legitimate software and infrastructure present a particular challenge for both defenders and organizations. A blunt-instrument approach such as blocking the service or tool doesn’t work in these kinds of cases.

And this problem isn’t going away. With every new technology, bad actors will find a way to use it for their own nefarious purposes. For example, a few years ago the cloud wasn’t necessarily a big feature in many organizations. Now, obviously, as more data is moving to the cloud, the infrastructure itself is being used for malicious means, and legitimate tools for use in the cloud, such as Rclone, are being misused by attackers.

To reduce the risk of misuse of legitimate software, organizations should take the following steps:

Improve visibility: The old approach of simply detecting, blocking, and deleting malicious files is no longer sufficient to protect your organization in a cyber-threat landscape where legitimate tools, dual-use tools, and legitimate infrastructure are increasingly being used by malicious actors. Organizations need to have a comprehensive view of their network — they need to know what software is installed on their networks. If unauthorized legitimate tools are found, treat that discovery with the highest priority.

Implement least privilege: User permissions should be kept to a minimal level, without impacting user experience, so that if an attacker gains access to a machine or account, it doesn’t mean they can necessarily spread widely across the network, or that they can access everything that’s on the computer, or the network.

Go beyond malware detection: Since bad actors are often leveraging legitimate software, it’s important that organizations use a security solution that can detect and analyze suspicious behavior — and stop it. Vigilance within an organization is also key. You need to build a culture of security at your organization so that everyone is on the lookout for any kind of suspect behavior that might occur.

To read more from the Threat Hunter team at Broadcom go here: https://symantec-enterprise-blogs.security.com/blogs/

About Brigid O’Gorman:

O’Gorman

Brigid O’Gorman is a Senior Intelligence Analyst on the Symantec Enterprise Threat Hunter Team, part of Broadcom. She works with other security experts within Symantec to investigate targeted attacks, ransomware and other cybercrime. The team drives enhanced protection in Symantec products, and offers analysis and insights to help customers and more respond to malicious attacks.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : CIO – https://www.cio.com/article/645393/a-disturbing-trend-in-ransomware-attacks-legitimate-software-abuse.html

Tags: businessDisturbingTrend
Previous Post

How SAP changed Carl Zeiss AG’s view of optical product manufacturing

Next Post

Banking on customer experience and security via technology-based innovation

The Role of Behavioural Science in Climate Change Adaptation – Impakter

July 2, 2026

UNESCO Unveils Groundbreaking Open Science Platform Set to Transform Research

July 2, 2026

Keith Haring’s Iconic Street Art Comes to Life in a Bold New Fashion Collaboration

July 2, 2026

Kane’s Heroics Seal England’s Spot in World Cup 2026 – July 2 Live Updates

July 2, 2026

Top Economists Sound the Alarm on Urgent Dangers of AI

July 2, 2026

Unveiling the Latest Monthly Medicaid and CHIP Enrollment Trends

July 2, 2026

How Investors Might Respond to PENN Entertainment’s Aurora Casino Launch and the Russell 2000 Shake-Up

July 2, 2026

Supreme Court Opens the Floodgates for Political Party Campaign Spending and Coordination

July 2, 2026

CrowdStrike Named Frost & Sullivan’s 2026 Global Enabling Technology Leader in Zero Trust Browser Security – Yahoo Finance

July 1, 2026

Over 130 Clean Water Projects Launched Statewide, Highlighting a Major Effort in Thurston County

July 1, 2026

Categories

Archives

July 2026
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Jun    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (1,295)
  • Economy (1,315)
  • Entertainment (22,194)
  • General (22,419)
  • Health (10,352)
  • Lifestyle (1,329)
  • News (22,149)
  • People (1,320)
  • Politics (1,337)
  • Science (16,530)
  • Sports (21,814)
  • Technology (16,301)
  • World (1,309)

Recent News

The Role of Behavioural Science in Climate Change Adaptation – Impakter

July 2, 2026

UNESCO Unveils Groundbreaking Open Science Platform Set to Transform Research

July 2, 2026
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version