Search |

2022-08-13 07:13:05 By : Ms. lissa liao

The use of valid digital certificates has become the main weapon of a new malicious campaign, focused on compromising Windows systems to launch new cyber attacks.Called Blister, the threat would have a low detection rate by security software due to the use of different obfuscation tactics in scams that have been happening since at least September this year.The main one, according to the warning made by Elastic experts, is the use of a valid and updated certificate, provided by Sectigo on behalf of a company called Blist LLC.The pest may appear embedded in legitimate development libraries, software, or service updates.In either case, the use of the digital document allows the threat to be executed with administrator privileges and even the consent of the user, who trusts that signature as legitimate.Once executed, Blister remains dormant for the first few minutes, as a way to avoid monitoring and analysis during the installation of solutions.It then springs into action with remote access malware capable of leading to ransomware attacks, data theft, cryptocurrency mining, and lateral movement.It has already been used in strikes involving known pests such as Cobalt Strike and BitRAT.Even after launching additional attacks, Blister is able to remain in the operating system, disguise itself as a legitimate executable, and incorporate itself into the list of apps that are launched along with the operating system.Thus, it remains at the disposal of attackers for new scams, especially while the main security platforms are still unable to detect its existence.Elastic experts point to the use of legitimate certificates as a new alternative for criminals.Until then, there were multiple detections related to stolen signatures;now, however, companies whose systems have been compromised are used to place orders that also appear to be authentic to the providers of this type of guarantee, expanding the reach of these scams.According to Elastic, Sectigo has already been notified for the certificate used by Blister to be revoked.While the initial vectors of entry were not identified by experts, the company has released indicators of compromise and rules that can be used to detect malware activity on internal networks.Enter your email address on Canaltech to receive daily updates with the latest news from the world of technology.

Superior Quality, Competitive Price And Timely Service

Fast & Safe Delivery Worldwide

Good After-Sales Service, Praised By Customers

Search

Featured Products

News & Blog

YouTube icon

YouTube icon

Blister packaging machines from Helios | Packaging South Asia

Global Liquid Capsule Filling and Sealing Machine Market (2022-2028) Research Covers Top Players as Qualicaps, ACG Group, Dott Bonapace, Capsugel – Queen Anne and Mangolia News

Capsule Filling and Sealing Machine Market by 2029 | Bosch Packaging Technology, Capsugel – ManufactureLink

Global Pharmaceutical Capsule Filling Machine Market 2022 Latest Innovations, Technological Progress, Regional Outlook and Forecast to 2028 – Queen Anne and Mangolia News

Prima Weight Loss Pill reviews 2022: Is this weight loss capsule a scam or legit? - FingerLakes1.com

Capsule Filler Market Regulations and Competitive Landscape Outlook 2022 to 2032 | I.M.A. Industria Macchine Automatiche S.P.A., MG America, QUALICAPS – ManufactureLink

Keto X3 Reviews (Shark Tank) Is Nucentix Keto X3 Pills Safe to Use? Updated Price 2022 — Hometown Station | KHTS FM 98.1 & AM 1220 — Santa Clarita Radio - Santa Clarita News

Loading...