Malicious ISO File Leads to Domain Wide Ransomware

Last year was yet another disturbing one for cybersecurity. While there was no shortage of contributing events, among the most significant were the continuing effects of COVID-19 and the start of the military conflict in Ukraine. Disruption made 2022 a year of economic, geopolitical and human upheaval and cost, creating exactly the kind of chaos in which cybercriminals thrive.

This article details the exact techniques used in an intrusion delivered via IcedID in late September. What is worrying is that the new techniques the operators implemented are part of a growing trend, as cyber criminals look for ways to evade Mark-of-the-Web controls.