The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has published a TLP:WHITE Malware Analysis Report (MAR) regarding a malware variant known as ComRAT. According to the MAR, this malware has been used by Turla, a Russian-sponsored Advanced Persistent Threat (APT) actor. This MAR is being distributed to enable network defense and reduced exposure to malicious activity. It contains a detailed description of the activities that were observed as well as lists of recommendations for users and administrators to apply to strengthen the security posture of their organization’s systems. The MAR states users or administrators should flag activity associated with the malware and report the activity to the CISA at [email protected] or 888-282-0870 or the FBI Cyber Watch (CyWatch) at (855)292-3937 or [email protected] and give the activity the highest priority for enhanced mitigation. Read the MAR at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!