By Asheer Malhotra
- Cisco Talos has observed an upgraded version of a malspam campaign known to distribute multiple remote access trojans (RATs).
- The infection chain utilized in the attacks is highly modularized.
- The attackers utilize publicly available infrastructure such as Bitly and Pastebin (spread over a number of accounts) to direct and host their attack components.
- Network-based detection, although important, should be combined with endpoint protections to combat this threat and provide multiple layers of security.
Cisco Talos has observed a new Aggah campaign that distributes malicious Microsoft Office documents (maldocs) via malicious spam (malspam) emails, delivering a multi-stage infection to a target user’s endpoint.
The final payload of the infection consists of a variety of Remote-Access-Tool (RAT) families such as:
The post Upgraded Aggah malspam campaign delivers multiple RATs appeared first on Cisco Blogs.