Year in Malware 2023: Recapping the major cybersecurity stories of the past year

If there is anything the cybersecurity world learned in 2023, it’s that you can never count any bad guy out. 

Botnets kept coming back from the dead, ransomware actors found new ways to make money through data theft extortion, and threat actors and malware that have been around for more than a decade found ways to stay relevant.

Since it seems like a new security threat makes headlines every day, we like to take a step back at the end of every year and review the top stories in cybersecurity that Talos covered this year, including new research from Talos and the stories that were most interesting to readers.



After Microsoft blocked macros by default in Office documents, attackers needed to find a new file format for their lure documents that could execute malware or malicious code without users noticing. To start off 2023, adversaries shifted toward Shell Link (LNK) files, which give security researchers the opportunity to capitalize on the information that LNK metadata provides. We used this data to uncover new information about the Qakbot botnet and Gamaredon threat actor, and previously unknown connections between multiple threat actors.

Attackers deployed the “MortalKombat” ransomware and Laplas Clipper malware together in a campaign primarily looking to generate revenue by forcing users into paying the requested ransom. The encryption screen and ransom note associated with this campaign used images from the “Mortal Kombat” video game series — hence the name. Our research found these adversaries targeting everyone from individual users to massive organizations. 

The operators behind the