The Good, the Bad and the Ugly in Cybersecurity - Week 43

Oct. 28, 2024, 12:55 p.m.

Description

CISA proposes new security measures to protect sensitive data from adversary nations, following President Biden's Executive Order. A free file recovery tool for early Mallox ransomware victims is released. A novel macOS ransomware, macOS.NotLockBit, is discovered abusing AWS S3 for data exfiltration. A critical Fortinet zero-day vulnerability (CVE-2024-47575) has been exploited in-the-wild since June, potentially affecting over 50 servers. Fortinet has released a patch and provided mitigation strategies for affected customers.

External References

https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-43-6/
https://otx.alienvault.com/pulse/671c046cff58f8a468fe3e47
Tags
ransomware
zero-day
mallox
cisa
CVE-2024-47575
2024-10-25
fortinet
aws s3
macos.notlockbit

Date

  • Created: Oct. 25, 2024, 8:49 p.m.
  • Published: Oct. 25, 2024, 8:49 p.m.
  • Modified: Oct. 28, 2024, 12:55 p.m.

Attack Patterns

  • macOS.NotLockBit
  • Mallox
  • UNC5820

Additional Informations

  • Technology
  • Defense
  • Finance
  • Telecommunications
  • Government
  • United States of America