Blueliv Intelligence Briefing

Your cybersecurity news summary

Monday,   September 7th,   2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

New strain of Thanos Ransomware unsuccessfully adds Windows MBR

"Overwriting the MBR is a more destructive approach to ransomware than usual," researchers said, "Victims would have to expend more effort to recover their files – even if they paid the ransom; fortunately, in this case, the code responsible for overwriting the MBR caused an exception because the ransom message contained invalid characters, which left the MBR intact and allowed the system to boot correctly." Even though they failed to overwrite the compromised computers' MBRs, the Thanos operators still dropped ransom note they regular way by creating HOW_TO_DECIPHER_FILES.txt text files and asking the victims to pay $20,000 to recover their data. The researchers think that the attackers gained access to the targets' networks before the ransomware payloads were deployed since they were able to find valid credentials within the samples recovered after the attack. Learn more >

Demo Free Trial MSSP