SISA Weekly Threat Watch



New and evolved threat actors are deploying cutting-edge tactics such as encoding and encryption of malicious samples and multi-stage malware distribution to get past organizations’ security defenses. This past week also saw them using trusted connections to their advantage to move up the supply chain and gain access to critical environments. New ransomware groups with previously known modules, cryptomining malware, zero-day vulnerabilities and new backdoors were infamously leveraged by attackers to target network infrastructures and devices worldwide.

SISA Weekly Threat Watch – our new weekly feature brings you a quick snapshot of all the major security vulnerabilities that posed a threat to organizations worldwide. These recurring actionable threat advisories will also provide information and recommendations to help security teams take appropriate actions to defend against the latest and critical threats.

BlueSky ransomware: fast encryption via multithreading

A new family of ransomware with methods similar to Conti v3 and Babuk ransomware


Malicious packages flood Python Package Index (PyPI) registry

Disguise themselves as PyPI’s open-source packages and secretly launch cryptominers


Apple releases security updates to patch two new zero-day vulnerabilities

Exploitation leading to arbitrary code execution, providing unauthorized privileges to attackers


Andariel hackers use Maui ransomware for financial gains and disruptions

State-sponsored hacker group steals data and HTTP traffic using Windows commands


APT27 group backdoors MiMi Chat app for supply chain attack

Trojanized backdoor targets Chinese market through cross-platform instant messaging programme


-- See you next week with more!!
