Rising TrueBot Malware Attacks Prompt Cybersecurity Agencies' Warning
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a warning about Truebot malware variants that are exploiting a critical remote code execution (RCE) vulnerability in Netwrix Auditor software. The attacks have targeted organizations in the United States and Canada. The vulnerability, tracked as CVE-2022-31199, allows unauthorized attackers to execute malicious code with SYSTEM user privileges. Truebot is associated with the Russian-speaking Silence cybercrime group and is used by the TA505 group to deploy Clop ransomware. The attackers also install the FlawedGrace Remote Access Trojan (RAT) and Cobalt Strike beacons for further malicious activities. Organizations are advised to apply patches, update Netwrix Auditor, and implement mitigation measures.
- CISA: Netwrix Auditor RCE bug exploited in Truebot malware attacks BleepingComputer
- Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks The Hacker News
- US and Canadian Authorities Warn of Increased Truebot Activity Infosecurity Magazine
- Canadian, U.S. authorities issue updated cybersecurity advisory on malware UPI News
- CISA and FBI warn of Truebot infecting US and Canada based orgs Security Affairs
- View Full Coverage on Google News
Reading Insights
0
0
2 min
vs 3 min read
73%
412 → 110 words
Want the full story? Read the original article
Read on BleepingComputer