Following a recent surge of attacks involving Avaddon ransomware, the United States and Australian cyber-security agencies have released alerts regarding the ransomware group’s tactics, techniques, and procedures, the Record reports. As described in a brief released by the FBI, the group has been observed compromising poorly secured Remote Desktop (RDP) and corporate Virtual Private Network (VPN) portals. Similar to other ransomware families, Avaddon also has a leak site where they release stolen data from companies that refuse to pay. While Avaddon has also bragged about their ability to execute DDoS attacks, the FBI has not identified any Avaddon incident involving DDoS.
Using Microsoft Sentinel to Detect Confluence CVE-2022-26134 Exploitation
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is