This is a security alert for all TruShield clients and the community at large. TruShield has noted several recent trends in malicious activity. These trends include alterations in the delivery and composition of malware.
Explanation and Analysis
Indicators of Compromise
|MD5 Hashes|
Mitigation and Prevention
- Filter inbound emails based on attachments and subject lines.
- Consider blocking file types commonly used for obfuscation.
- Use application control software with a base deny policy.
- Do not open suspicious files; compare them with known IOCs.
- Use updated antimalware and antivirus products.
- Keep systems patched with the latest updates.
- Isolate infected systems from the network and storage devices.
- Keep regular backups both on-site and off-site.
- Monitor systems for registry or file changes.
- Continuously monitor network traffic for C&C communication.