Attacks involving the Brickstorm malware were noted by the Cybersecurity and Infrastructure Security Agency to continue threatening U.S. infrastructure, Cybersecurity Dive reports.Brickstorm not only bypasses detection through background operation but also taps encrypted WebSocket connections for sophisticated command-and-control, said CISA in an updated guidance developed alongside the National Security Agency and the Canadian Centre for Cybersecurity."Given the scope and complexity of the ongoing activity, CISA continues to collaborate with government, industry, and international partners gathering new insights, performing technical analysis, and providing new details to the broader cybersecurity community as we discover them," noted CISA Executive Assistant Director of Cybersecurity Nick Andersen.CISA's updated Brickstorm advisory comes after China-linked threat operation Warp Panda was reported by CrowdStrike researchers to have launched the malware against VMware vCenter instances across various sectors. Warp Panda's initial targeting of internet-exposed edge devices has allowed persistence in breached networks, researchers said.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds