Meet ‘Egregor,’ a New Ransomware Family to Watch

Subscribe to Newsletters

Hear Microsoft, FedEx & VMware Speak @ Interop Digital
Network Automation Summit presented by Network to Code at Interop Digital
Dark Reading Cybersecurity Summit @ Interop Digital

More Informa Tech Live Events

White Papers

The High Cost of Poor Web Performance

Automate Digital Certificate Lifecycle Management

The 2020 Outbound Email Security Report

More White Papers

Video

All Videos

Cartoon

Latest Comment: Sorry, I cannot brush my teeth tonight. The toothbrush locked me out after three tries.

Cartoon Archive

Current Issue

Special Report: Computing’s New NormalThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Back Issues | Must Reads

Flash Poll

All Polls

How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world — and enterprise computing — on end. Here’s a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-15237
PUBLISHED: 2020-10-05

In Shrine before version 3.3.0, when using the `derivation_endpoint` plugin, it’s possible for the attacker to use a timing attack to guess the signature of the derivation URL. The problem has been fixed by comparing sent and calculated signature in constant time, using `Rack::Utils.secure_compare`….

CVE-2020-16226
PUBLISHED: 2020-10-05

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.

CVE-2020-15235
PUBLISHED: 2020-10-05

In RACTF before commit f3dc89b, unauthenticated users are able to get the value of sensitive config keys that would normally be hidden to everyone except admins. All versions after commit f3dc89b9f6ab1544a289b3efc06699b13d63e0bd(3/10/20) are patched.

CVE-2020-24231
PUBLISHED: 2020-10-05

Symmetric DS <3.12.0 uses mx4j to provide access to JMX over HTTP. mx4j, by default, has no auth and is available on all interfaces. An attacker can interact with JMX: get system info, and invoke MBean methods. It is possible to install additional MBeans from a remote host using MLet that leads t…

CVE-2020-15236
PUBLISHED: 2020-10-05

In Wiki.js before version 2.5.151, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled. A malicious user can potentially read any file on the file system by crafting a special URL that allows for directory traversal. This is onl…

The post Meet ‘Egregor,’ a New Ransomware Family to Watch appeared first on Malware Devil.

https://malwaredevil.com/2020/10/05/meet-egregor-a-new-ransomware-family-to-watch/?utm_source=rss&utm_medium=rss&utm_campaign=meet-egregor-a-new-ransomware-family-to-watch