New “NullMixer” Dropper Spreading Multiple Malware Families

A new dropper named “NullMixer” is spreading multiple malware families, including some seen regularly by the RH-ISAC community. Context On September 26, 2022, researchers at SecureList reported a new dropper they named “NullMixer” which spreads multiple malware families via malicious websites impersonating legitimate software downloads. According to SecureList, in addition to multiple malware families, NullMixer…

Read More

Reducing the Risk Bad Bots Pose to your Application Security

According to the 2022 Imperva Bad Bot Report, 27.7% of online traffic came from bad bots. For retail websites, it’s 23.6%. Bots routinely target retail sites with scalping and denial of inventory attacks, as well as fraud, gift card fraud, and account takeovers. The problem that many organizations are facing today is how to distinguish…

Read More

LockBit 3.0 Builder Code Leak Technical Analysis

On September 21, 2022, the LockBit 3.0 ransomware builder named “Black” was leaked online by a developer working for the LockBit threat group. On September 22, 2022, security researchers Yang HuiSeong and Jeong Hyunsik released a technical analysis of the code. The leaked code is currently available on GitHub. Threat Actor Details LockBit is a…

Read More

RH-ISAC Announces 2022 Award Winners

The RH-ISAC awards are an annual opportunity to honor the individuals and member companies who have gone above and beyond in their commitment to the RH-ISAC community. The recipients of these awards have displayed extraordinary dedication to the culture of sharing and have gone out of their way to assist RH-ISAC in fulfilling our mission…

Read More

The Threat of Rogue Mobile Apps to Retail and Hospitality Brands

Mobile apps can serve as a convenient way for your customers to do business with you from their smartphones, but just like criminals can attempt to spoof your domains, they can also spoof your mobile app, even if you don’t have one. Rogue mobile apps are applications that use a trusted brand name to steal…

Read More