Microsoft Warns of the StrRAT Malware Campaign Targeting Windows Systems — The Sec Master

What do we know about StrRAT malware?

Who is the primary target of the StrRAT malware campaign?

How is the StrRAT malware campaign designed to deliver the malware?

#1. Spam mail with malicious jar attachments

#2. VBScript downloads and installs Java for the RAT

#3. Initial payload analysis

StrRAT malware Indicators of Compromise (IOCs)

How to prevent the new StrRAT Malware Campaign?

  1. Search for IOAs (Indicators of Attack): IOAs include signs such as code execution, lateral movement, and behavioral actions. IOAs don’t tell how the attack is being carried out. Instead, they point to the signs of in-progress attacks.
  2. Keep the systems up to date: Never miss applying new upgrades or patches.
  3. Remove unwanted services: Disable unwanted ports, enforce the use of only secure network protocols, and remove unused applications from the system.
  4. Fix the latest vulnerabilities: Run periodic VA scans and fix all vulnerabilities, especially remote execution vulnerabilities.
  5. Harden the system: Close all the configuration gaps and make the system more secure.
  6. Defense-in-Depth strategy: Don’t trust a single product. Deploy multiple layers of defense and use multiple different products for the defense.
  7. Cybersecurity training & awareness: Host training programs and create awareness about the vectors of cybersecurity.


We are here to create awareness about cyber security.
