Last month Aluminum manufacturer Norsk Hydro was hit by a large scale ransomware attack that affected its systems across the globe and caused severe disruption to its operations with an estimated impact of more than $35 million.. The attack used the LockerGoga ransomware and the threat research team at Securonix has been monitoring the malware, which also caused problems for a number of other companies. In order to avoid defenses, LockerGoga payloads are signed with a valid digital certificate issued by multiple certificate authorities. Spreading the malware required access to the network with Server Message Block and Active Directory management…
[Continue Reading]