The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) warns businesses and netizens of Emotet and BlueKeep attacks in the wild.
The ACSC is warning organizations and people of a wave of cyberattacks exploiting the Windows BlueKeep vulnerability to deliver crypto-currency miners.
“The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency.” reads the advisory published by the ACSC.
The alert follows the one issued by Microsoft of more BlueKeep attacks that could deliver disruptive payloads and urged organizations to patch their systems.
The Australian agency also warns of Emotet campaigns that in the last months hit the country posing a significant threat for both organizations and government offices.
The Cyber Incident Management Arrangements (CIMA) will remain active despite the alert has been downgraded to Level 4 – ‘Lean Forward,’ (CIMA Level 4 requests a precautionary approach through increasing monitoring, analysis, and strategic coordination and engagement at the national level).
At the end of October, the CIMA was activated to Level 3 in response to the Emotet campaigns
The ACSC announced the activation of Australia’s CIMA to Level 3 – ‘Alert’ on 25 October 2019, in response to the widespread exploitation of vulnerable systems by the Emotet malware. The threat posed by this malicious software required immediate action at the national level to ensure Australian organisations, from critical infrastructure providers to small businesses, receive mitigation advice to protect their networks.
The ACSC announced the activation of Australia’s CIMA to Level 3 – ‘Alert’ on 25 October 2019, in response to the widespread exploitation of vulnerable systems by the Emotet malware. The threat posed by this malicious software required immediate action at the national level to ensure Australian organizations, from critical infrastructure providers to small businesses, receive mitigation advice to protect their networks.
“There are two concerning cyber security threats in the wild. While we have seen a drop in the number of Emotet infections in the last week, people and businesses should remain vigilant,” said Head of the ACSC, Rachel Noble PSM.
“We are also concerned about reports cybercriminals are exploiting the BlueKeep vulnerability to access computers and control them without the users’ knowledge.”
Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit, the attack aimed at installing a cryptocurrency miner on the infected systems. The popular expert Kevin Beaumont observed some of its EternalPot RDP honeypots crashing after being attacked.[…]
To read the original article:
https://securityaffairs.co/wordpress/93694/hacking/acsc-alert-bluekeep-emotet.html