[MART] - Daily Diary #434 - CISA Warns US Organizations To Protect Against Data-Wiping Cyberattacks

CTAS-MAT ctas-mat at appgate.com
Wed Jan 19 23:11:23 UTC 2022 

Hello,

I hope everyone is doing well!

Below is the entry for today.

01/19/2022 - Diary entry #434:

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a document that warns organizations about potential critical threats. The insights contained in the document recommend steps to quickly detect a potential intrusion to reduce the damage, respond accordingly, and maximize the organization's resilience.

Those measures came in response to the recent cyberattacks in Ukraine, where government agencies and corporate entities suffered coordinated cyberattacks. Last week websites were defaced, and data-wiping malware was deployed to corrupt data and cause devices to become inoperable. Investigations revealed that vulnerabilities were exploited during the attacks, such as a CVE affecting OctoberCMS, the Log4j vulnerabilities, and even stolen credentials were used.

Ukraine blames Russia for the attacks, attributing them to Ghostwriter, a state-sponsored group with links to Belarus. The data-wiping malware, dubbed WhisperGate, is designed to look like ransomware but it has no recovery mechanism. Therefore, it is intended to be destructive and not to obtain a ransom. The organizations affected by this malware are government, non-profit, and information technology organizations, all based in Ukraine.

Kind Regards,
[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>



Felipe Tarijon de Almeida
Malware Analyst
Appgate

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>
C: +55 11 97467 9549

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220119/bee8d4e4/attachment.htm>

More information about the MART mailing list