Art Appraisal Blog

What is #StopRansomware Initiative? #StopRansomware is a joint initiative of The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, and the Financial Crimes Enforcement Network (FinCEN). As the ransomware attacks across the globe are increasing at a rapid pace, the primary objective of this #StopRansomware initiative is to stop such ransomware attacks and prevent organizations from falling victim to such ransomware...

Introduction As cyber threats are becoming increasingly advanced these days and the cyber threat landscape for organizations is increasing enormously, there is a need to leverage advanced technologies like artificial intelligence and machine learning to detect such advanced cyber threats. Latest day malware and other malicious software can enter the target networks and move laterally inside the network without getting detected by the traditional signature-based anti-malware and intrusion detection tools....

Summary AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that targets victims across multiple critical infrastructure sectors in the United States, including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. In addition to handling ransom negotiations directly, AvosLocker is also responsible for publishing and hosting exfiltrated victim data after affiliates have infected targets. Therefore, AvosLocker indicators of compromise (IOCs) differ according to the...

Introduction TrickBot is an advanced banking Trojan that was first identified in 2016. Malicious threat actors spread this trojan primarily by spearphishing campaigns using tailored emails that contain malicious attachments or links, which – if enabled – execute the underlying malware. As per the joint advisory released by The Cybersecurity and Infrastructure Security Agency (CISA) and The Federal Bureau of Investigation (FBI), “TrickBot – first identified in 2016 – is...

Introduction: Rootkits are covert computer programs designed to provide unrestricted access to a computer without being detected. The term “Rootkit” is the combination of the words “root” and “kit.” Originally, rootkits were the tools that granted administrators access to a computer system or network. “Root” is the term used to refer to the superuser or administrator who, by default, has access to all files and commands in a Unix/Linux system....

Introduction: The term virus stands for ‘Vital Information Recourse Under Siege.’ Fred Cohen first defined the term ‘computer virus’ in 1983. Computer viruses are malicious code or programs that alter the way a computer operates and can multiply itself from one computer to another without the user’s permission. A virus installs or attaches itself to a legitimate program or document supporting macros to execute its code. Computer viruses behave differently...

Introduction: Cybercriminals use various methods to penetrate a device or network by exploiting the vulnerabilities in the operating system or applications. When a website is compromised, the attackers often leave some piece of malware behind to gain access back to the site. By rejecting an open door, hackers attempt to remain in control of a website and infect it continuously. This is called backdoor malware. Backdoors in cybersecurity are the...

Introduction: MuddyWater APT group has been active since 2017, focusing primarily on victims in the Middle East countries using in-memory vectors leveraging PowerShell. This family leverage “living off the land” attack technique as it does not require creating new binaries on the victim’s computer, maintaining a low detection profile, and minimal forensic footprint. MuddyWater group has targeted countries throughout the Middle East countries, Europe, and United States. MuddyWater APT was...

Introduction The term “Trojan” is typically derived from the ancient Greek story of Troy. Trojans work similarly to the wooden horse in the story, introducing something unexpected under disguise. Trojans are malware disguising themselves as a legitimate file to trick the victims into clicking, downloading, or installing the malicious software onto the machine. It generally infects files, systems, or memory by concealing its actual content so that the user thinks...

What is Malware? Malware, or malicious software, refers to any program or code that infects a computer and causes damage to it. Malware is malicious software that targets and seeks to damage, disable, or destroy computers, computer networks, tablets, and mobile devices, often by taking control of a device’s operations. It interferes with the normal functioning of the device. Malware is the umbrella term that covers all malicious software –...