Rewterz Threat Advisory – CVE-2021-30789 – Apple macOS Security Vulnerability
August 12, 2021
Rewterz Threat Alert – Raccoon Infostealer – Active IOCs
August 12, 2021
Severity
High
Analysis Summary
Sodinokibi ransomware usually infects victims' systems via Microsoft Office documents. After encryption, a ransom note is left on the infected system. The ransomware usually demands a ransom of $850k or $1.7m to decrypt the files on the target system. It has re-emerged after a few months; earlier campaigns date back to July and August 2020. Recently, a few samples of Sodinokibi were found being distributed.
Impact
- File encryption
- Information theft
Indicators of Compromise
MD5
- 65aa793c000762174b2f86077bdafaea
SHA-256
- f0c60f62ef9ffc044d0b4aeb8cc26b971236f24a2611cb1be09ff4845c3841bc
SHA-1
- 95a21e764ad0c98ea3d034d293aee5511e7c8457
Remediation
- Block the threat indicators at their respective controls.
- Do not download files attached in untrusted emails.