New MuddyWater attacks made to resemble ransomware campaign

Iranian state-sponsored threat group MuddyWater, also known as Mercury, Cobalt Ulster, TEMP.Zagros, Yellow Nix, Static Kitten, Earth Vetala, Boggy Serpens, and ITG17, has been collaborating with DEV-1084 to launch attacks against on-premises and cloud infrastructure that were made to resemble a ransomware campaign but were intended to be disruptive and destructive, according to The Hacker News. “Mercury likely exploited known vulnerabilities in unpatched applications for initial access before handing off access to DEV-1084 to perform extensive reconnaissance and discovery, establish persistence, and move laterally throughout the network, oftentimes waiting weeks and sometimes months before progressing to the next stage,”

Read full article on SC Magazine
