Need to back up their APFS volumes? No problem. They've gone above and beyond to include additional features that will make their life easier. Whether they need to map network drives, check and repair disk errors, clone disks, or clean drives, the iBoysoft DiskGeeker has got them covered. That's why they've developed a feature that allows them to uniformly manage multiple disks on their Mac. They also know that managing multiple disks can be a pain. With the iBoysoft DiskGeeker, they can safeguard their information and ensure that only authorized individuals have access to it. That's why they've included the ability to encrypt disks using BitLocker or FileVault. They understand that data security is of paramount importance to them. This advanced technology allows them to fully read and write to these drives, giving them complete control over their data. Say goodbye to the frustrations of not being able to access BitLocker-encrypted drives and NTFS drives. With the iBoysoft DiskGeeker, there are no limits to what they can achieve. Designed for professionals like them, who demand the highest level of performance and functionality, this powerful software is set to revolutionize the way they interact with their drives.

We are committed to getting to the bottom of who is behind this attack," the CEO and CTO added.

Introducing the iBoysoft DiskGeeker - the ultimate toolkit for all their disk management needs.

"We have continued working with law enforcement units to trace back the source of the attack. like an espionage-type attack," he added.

Avast continues to cooperate with police to chase them down. Vlcek said he didn't know if a nation state was behind the attack and it'd be unlikely for anyone to find out. There appeared to be code overlap between the CCleaner backdoor and Group 72's malware.
The investigation now moves on to determine whether or not that third-stage was activated.

Cisco is recommending that any affected organization not just remove the affected version of CCleaner 5.33 or update, but restore from backups or reimage systems entirely to get rid of malware.

As for who was behind the attack, Cisco said it was worth looking into claims from Russian security firm Kaspersky that a known, sophisticated group of hackers variously known as Axiom and Group 72, previously linked to Chinese hackers. He said the second payload was "a stage of a multi-stage attack." "It doesn't do anything malicious… all it's doing is basically waiting for a command to update it for a third-stage," he added. Vlcek told Forbes that the eight affected companies had been contacted, indicating some victims had more than one PC infected. The company has contacted firms targeted, but isn't disclosing names. "At the time the server was taken down, the attack was targeting select large technology and telecommunication companies in Japan, Taiwan, UK, Germany and the US," Avast added. "When combined, this information would be everything an attacker would need to launch a later stage payload that the attacker could verify to be undetectable and stable on a given system," Cisco added. But just over 20 machines were hit with the second-stage attack, in which "reconnaissance information" about infected computers, such as IP address and software active on the machine, was sent to the attackers. Showing just how the attackers were carefully selecting their targets, more than 700,000 computers of the 2.3 million infected reported back to the hackers' server over the few days the researchers were able to gather data, Cisco found. What was clear to both Avast and Cisco was that this was a sophisticated targeted attack on the tech industry.
Researchers were only able to look across those days as the hacker server they had access to had its logs wiped on September 12 when it ran out of memory, Vlcek told Forbes. "Given that the logs were only collected for little over three days, the actual number of computers that received the 2nd stage payload was likely at least in the order of hundreds," wrote CEO Vince Steckler and chief technology officer Ondrej Vlcek. "This would suggest a very focused actor after valuable intellectual property," Cisco's researchers added.

Avast concurred with Cisco's research, but said it was likely more were infected. Cisco, Microsoft, VMware, Intel, Sony, Samsung, HTC, Linksys, D-Link and Singtel Corp were all on a list of targets, according to Talos, though it's unclear which were amongst the overall eight that Avast said had PCs infected. That analysis came after Cisco's Talos security division released research late Wednesday naming a handful of technology companies that were targeted with "secondary payloads" over just four days in September, saying 20 victim machines were infected as a result.