In the News - Anomali.com

In the News

The Hacker News

July 10, 2019  |  The Hacker News, Mohit Kumar

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices

A new ransomware family has been found targeting Linux-based Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid, researchers told The Hacker News. Ideal for home and small business, NAS devices are dedicated file storage units connected to...

SC Media

July 10, 2019  |  SC Media, Doug Olenick

New eCh0raix ransomware now hitting QNAP NAS drives

Anomali has unveiled a new ransomware variant that is targeting network attached storage (NAS) devices made by QNAP Systems. The ransomware, dubbed eCh0raix after a line in the code, was first spotted in June when a discussion regarding it appeared in Bleeping Computer’s forums. At this point...

ZDNet

July 10, 2019  |  ZDNet, Danny Palmer

This new ransomware is targeting network attached storage devices

A newly discovered form of ransomware is targeting network storage devices by brute-forcing weak credentials and exploiting known vulnerabilities in their systems. Dubbed eCh0raix after a string of code, the new form of file-locking malware emerged in June and has been detailed by cybersecurity researchers...

CyberWire

July 8, 2019  |  CyberWire

Multiple Chinese Threat Groups Exploiting CVE-2018-0798 Equation Editor Vulnerability Since Late 2018

Anomali has described a Microsoft Office exploit "supply chain" being shared among at least five Chinese groups: Conimes, KeyBoy, Emissary Panda, Rancor, and Temp[dot]Trident. Specifically, they're all working the "Royal Road Rich Text Format (RTF) weaponizer," and using it to exploit CVE-2017-11882 and CVE-2018-0802.

SecurityWeek

July 3, 2019  |  SecurityWeek, Kevin Townsend

Multiple Chinese Groups Share the Same RTF Weaponizer

During an investigation into a possibly shared RTF weaponizer by Indian and Chinese APT groups, researchers have discovered that multiple Chinese groups have updated the weaponizer to exploit the Microsoft Equation Editor (EE) vulnerability CVE-2018-0798. The same weaponizer had previously delivered exploits for EE vulnerabilities CVE-2017-11882 and CVE-201...

ZDNet

June 11, 2019  |  ZDNet, Danny Palmer

This Unusual Windows Malware is Controlled via a P2P Network

A new malware campaign aimed at Windows machines features a novel technique to control the resulting botnet, with the group behind it hiding their communications using a P2P network. Dubbed IPStorm – short for InterPlanetary Storm – by its cyber criminal operators, the campaign was discovered in May. It'...

The Tech Tribune

May 2, 2019  |  The Tech Tribune

2019 Best Tech Startups in Redwood City

The Tech Tribune staff has compiled the very best tech startups in Redwood City, California.

CRN

March 27, 2019  |  CRN, Michael Novinson

10 Hottest Threat Intelligence Platforms In 2019

Here's a look at how companies like Cisco, CrowdStrike, and FireEye use massive quantities of threat data to protect businesses from emerging threats like ransomware, botnets, and zero-day attacks.

CRN

February 27, 2019  |  CRN, Michael Novinson

Symantec Boosts Tech Integrations With Data Exchange, Startup Help

The ICD Exchange will make it easier for other software providers such as Box, ServiceNow, Microsoft and Anomali to quickly integrate and obtain more guidance around the data they can use from Symantec. Symantec has infused its Integrated Cyber Defense (ICD) platform with new related to shared intelligence and shared...

ZDNet

February 27, 2019  |  ZDNet, Charlie Osborne

Federal threat information sharing gets a more enterprise mindset

Researchers have discovered phishing campaigns mimicking US government bidding sites and procurement portals in a bid to scam federal contractors. On Monday, Anomali Labs researchers said the phishing schemes were detected in late February, in which a malicious server was found to be hosting two separate campaigns. The...