Emerging Threats//
CrazyHunter Ransomware
CrazyHunter is a ransomware campaign targeting healthcare that weakens endpoint defenses and escalates privileges before encrypting systems at scale.
OVERVIEW
In mid-September 2022, security researchers at Vectra released information a post-exploitation vulnerability affecting the Microsoft Teams collaboration platform. The vulnerability allows "… malicious actors with sufficient local or remote file system access to steal valid user credentials from Microsoft Teams due to their plaintext storage on disk." While Microsoft was notified of the vulnerability, it has indicated that it does not intend to remediate the issue.
Due to the prevalent nature of Microsoft Teams, and the potential impact to the broader community, Cyborg Security has developed exclusive hunt packages to detect the most common behaviors exhibited by the exploitation of the vulnerability. This behavioral content is freely available for Community members of Cyborg Security's HUNTER Platform!
Get the Free Hunt Packages!
Check Out Other Emerging Threats >