News & Events
In the News
July 10, 2019 | The Hacker News, Mohit Kumar
A New Ransomware Is Targeting Network Attached Storage (NAS) Devices
A new ransomware family has been found targeting Linux-based Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid, researchers told The Hacker News. Ideal for home and small business, NAS devices are dedicated file storage units connected to...
Read More
July 10, 2019 | SC Media, Doug Olenick
New eCh0raix ransomware now hitting QNAP NAS drives
Anomali has unveiled a new ransomware variant that is targeting network attached storage (NAS) devices made by QNAP Systems. The ransomware, dubbed eCh0raix after a line in the code, was first spotted in June when a discussion regarding it appeared in Bleeping Computer’s forums. At this point...
Read More
July 10, 2019 | ZDNet, Danny Palmer
This new ransomware is targeting network attached storage devices
A newly discovered form of ransomware is is targeting network storage devices by brute-forcing weak credentials and exploiting known vulnerabilities in their systems. Dubbed eCh0raix after a string of code, the new form of file-locking malware emerged in June and has been detailed by cybersecurity researchers...
Read More
July 8, 2019 | CyberWire
Multiple Chinese Threat Groups Exploiting CVE-2018-0798 Equation Editor Vulnerability Since Late 2018
Anomali has described a Microsoft Office exploit "supply chain" being shared among at least five Chinese groups: Conimes, KeyBoy, Emissary Panda, Rancor, and Temp[dot]Trident. Specifically, they're all working the "Royal Road Rich Text Format (RTF) weaponizer," and using it to exploit CVE-2017-11882 and CVE-2018-0802.Read...
Read More
July 3, 2019 | SecurityWeek, Kevin Townsend
Multiple Chinese Groups Share the Same RTF Weaponizer
During an investigation into a possibly shared RTF weaponizer by Indian and Chinese APT groups, researchers have discovered that multiple Chinese groups have updated the weaponizer to exploit the Microsoft Equation Editor (EE) vulnerability CVE-2018-0798. The same weaponizer had previously delivered exploits for EE vulnerabilities CVE-2017-11882 and CVE-201...
Read More
June 11, 2019 | ZDNet, Danny Palmer
This Unusual Windows Malware is Controlled via a P2P Network
A new malware campaign aimed at Windows machines features a novel technique to control the resulting botnet, with the group behind it hiding their communications using a P2P network. Dubbed IPStorm – short for InterPlanetary Storm – by its cyber criminal operators, the campaign was discovered in May. It'...
Read More
May 2, 2019 | The Tech Tribuone
2019 Best Tech Startups in Redwood City
The Tech Tribune staff has compiled the very best tech startups in Redwood City, California.Read More
Read More
March 27, 2019 | CRN, Michael Novinson
10 Hottest Threat Intelligence Platforms In 2019
Here's a look at how companies like Cisco, CrowdStrike, and FireEye use massive quantities of threat data to protect businesses from emerging threats like ransomware, botnets, and zero-day attacks.Read More
Read More
February 27, 2019 | CRN, Michael Novinson
Symantec Boosts Tech Integrations With Data Exchange, Startup Help
The ICD Exchange will make it easier for other software providers such as Box, ServiceNow, Microsoft and Anomali to quickly integrate and obtain more guidance around the data they can use from Symantec.
Symantec has infused its Integrated Cyber Defense (ICD) platform with new related to shared intelligence and shared...
Read More
February 27, 2019 | ZDNet, Charlie Osborne
Federal threat information sharing gets a more enterprise mindset
Researchers have discovered phishing campaigns mimicking US government bidding sites and procurement portals in a bid to scam federal contractors. On Monday, Anomali Labs researchers said the phishing schemes were detected in late February, in which a malicious server was found to be hosting two separate campaigns. The...
Read More