In the News - Anomali.com

News & Events

In the News

The Hill

August 16, 2019  |  The Hill, Maggie Miller

Poll: Nearly 4 in 5 say they will consider candidates’ stances on cybersecurity

Almost 80 percent of Americans will consider a candidate’s stance on cybersecurity when deciding their vote in elections, a poll made public Friday by IT security company Anomali found. The poll, complied by both Anomali and The Harris Poll in July, also found that 87 percent of Americans ...
Read More

The Washington Times

August 16, 2019  |  The Washington Times, Andrew Blake

Most Americans support raising federal income tax rates to pay for cybersecurity: Poll

Most adults in the country favor increasing federal income taxes to raise money specifically for defending against cyberattacks, the results of a recent survey suggested Friday. Three-in-five adults polled said they support hiking taxes to help fund government cybersecurity efforts, and nearly four-in-five said they will consider a candidate&rsquo...
Read More

Help Net Security

August 12, 2019  |  Help Net Security

Anomali discovers phishing campaign targeting Chinese government agencies

The Anomali Threat Research Team discovered this new phishing attack leveraging spoof sites that appear to be designed to steal email credentials from target victims within the government of the People’s Republic of China. Although the attackers’ exact motivation is unknown, it is logical to conclude that...
Read More

CyberScoop

August 8, 2019  |  CyberScoop, Jeff Stone

A phishing campaign with nation-state hallmarks is targeting Chinese government agencies

Hackers with possible ties to an advanced persistent threat (APT) group are trying to steal usernames and passwords of Chinese government officials as part of an apparent cyber-espionage effort, according to findings provided exclusively to CyberScoop prior to scheduled publication Thursday.Researchers from the threat intelligence company Anomali have ...
Read More

Dark Reading

July 10, 2019  |  Dark Reading, Jai Vijayan

New Ransomware Targets QNAP’s Network-Attached Storage Devices

Researchers at Anomali have spotted a new ransomware strain that is targeting users of QNAP Systems' network-attached storage (NAS) devices. The operators of the malware appear to be gaining access to the devices either by brute-forcing weak credentials or by exploiting known vulnerabilities in them. However, the exact infection vector...
Read More

Bleeping Computer

July 10, 2019  |  Bleeping Computer, Sergiu Gatlan

New eCh0raix Ransomware Brute-Forces QNAP NAS Devices

A new ransomware strain written in Go and dubbed eCh0raix by the Anomali Threat Research Team is being used in the wild to infect and encrypt documents on consumer and enterprise QNAP Network Attached Storage (NAS) devices used for backups and file storage. "The devices appear to...
Read More

The Hacker News

July 10, 2019  |  The Hacker News, Mohit Kumar

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices

A new ransomware family has been found targeting Linux-based Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid, researchers told The Hacker News. Ideal for home and small business, NAS devices are dedicated file storage units connected to...
Read More

SC Media

July 10, 2019  |  SC Media, Doug Olenick

New eCh0raix ransomware now hitting QNAP NAS drives

Anomali has unveiled a new ransomware variant that is targeting network attached storage (NAS) devices made by QNAP Systems. The ransomware, dubbed eCh0raix after a line in the code, was first spotted in June when a discussion regarding it appeared in Bleeping Computer’s forums. At this point...
Read More

ZDNet

July 10, 2019  |  ZDNet, Danny Palmer

This new ransomware is targeting network attached storage devices

A newly discovered form of ransomware is is targeting network storage devices by brute-forcing weak credentials and exploiting known vulnerabilities in their systems. Dubbed eCh0raix after a string of code, the new form of file-locking malware emerged in June and has been detailed by cybersecurity researchers...
Read More

CyberWire

July 8, 2019  |  CyberWire

Multiple Chinese Threat Groups Exploiting CVE-2018-0798 Equation Editor Vulnerability Since Late 2018

Anomali has described a Microsoft Office exploit "supply chain" being shared among at least five Chinese groups: Conimes, KeyBoy, Emissary Panda, Rancor, and Temp[dot]Trident. Specifically, they're all working the "Royal Road Rich Text Format (RTF) weaponizer," and using it to exploit CVE-2017-11882 and CVE-2018-0802.Read...
Read More