New AstraLocker Version Phishing Campaign

Context On June 28, 2022, ReversingLABS researchers reported a phishing campaign using malicious Microsoft Office files to distribute the new 2.0 version of the AstraLocker ransomware. Researchers assess that the threat actors behind the campaign likely obtained the AstraLocker 2.0 code from the Babuk leak in September of 2021, based on shared code and campaign…

Read More

Prioritize Remediation with a Risk-Based Approach to Vulnerability Management

A vulnerability is a flaw or weakness in a system that, if exploited, would allow a user to gain unauthorized access to conduct an attack. Vulnerability management is the process of identifying, prioritizing, and remediating these vulnerabilities to reduce an organization’s overall risk. Prioritization of vulnerabilities is essential because not all vulnerabilities are going to…

Read More