Ransomware attackers are increasing their focus on avoiding detection in order to prolong their presence on targeted networks, a recent report from Cisco Talos indicates. This shift is driven by the rise of the double-extortion ransomware model, where hackers not only encrypt systems but also threaten to leak stolen data unless a ransom is paid. … Read more
A recent report from MITRE detailed how hackers connected to China utilized VMware to evade detection and maintain persistence in a recent cyberattack. The hackers took advantage of vulnerabilities in VMware software to gain access to networks and deploy malware, allowing them to carry out a sophisticated and sophisticated cyber intrusion. The report highlights the … Read more
Mar 01, 2024NewsroomLinux / Cyber Threat Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. “This latest version of Bifrost aims to bypass security measures and compromise targeted systems,” Palo Alto Networks Unit 42 researchers Anmol Maurya and Siddharth … Read more
A new Linux variant of the Bifrost remote access trojan (RAT) employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware. First identified twenty years ago, Bifrost is one of the longest-standing RAT threats in circulation. It infects users via malicious email attachments or payload-dropping … Read more