A New Emerging CatB Ransomware Using DLL Hijacking to Evade Detection

Threat Level
Attack Report

Summary

CatB is ransomware that uses DLL hijacking to evade detection. It injects itself into the Microsoft Distributed Transaction Coordinator (MSDTC) service, a legitimate Windows process, and uses that process to encrypt the victim’s files.
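
One way to hunt for the behaviour summarized above, as an added example that is not part of the original advisory: a Python triage of image-load telemetry that flags modules loaded by msdtc.exe which are unsigned, signed by an unexpected publisher, or loaded from outside the Windows system directories. The field names follow Sysmon Event ID 7 (ImageLoad); the trusted directory and publisher baselines, the function names and every sample event are assumptions constructed for illustration.

```python
import ntpath

# Assumed baseline for this example: directories and publishers msdtc.exe
# normally loads from. Tune both to your own environment.
TRUSTED_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64", r"c:\windows\winsxs")
TRUSTED_SIGNERS = {"microsoft windows", "microsoft corporation"}

def in_trusted_dir(path):
    # normpath collapses "..\" segments so traversal cannot fake a trusted prefix
    p = ntpath.normpath(path).lower()
    return any(p.startswith(d + "\\") for d in TRUSTED_DIRS)

def suspicious_msdtc_loads(events):
    """Return (dll_path, reasons) for each questionable module msdtc.exe loaded."""
    findings = []
    for ev in events:
        if ntpath.basename(ev.get("Image", "")).lower() != "msdtc.exe":
            continue
        dll, reasons = ev.get("ImageLoaded", ""), []
        if not in_trusted_dir(dll):
            reasons.append("outside system directories")
        if ev.get("Signed", "").lower() != "true" or ev.get("SignatureStatus") != "Valid":
            reasons.append("unsigned or invalid signature")
        elif ev.get("Signature", "").lower() not in TRUSTED_SIGNERS:
            reasons.append("unexpected publisher")
        if reasons:
            findings.append((dll, reasons))
    return findings

MSDTC = r"C:\Windows\System32\msdtc.exe"
# Constructed sample events (field names follow Sysmon Event ID 7; values are made up).
SAMPLE_EVENTS = [
    {"Image": MSDTC, "ImageLoaded": r"C:\Windows\System32\msdtctm.dll",
     "Signed": "true", "Signature": "Microsoft Windows", "SignatureStatus": "Valid"},
    {"Image": MSDTC, "ImageLoaded": r"C:\Windows\System32\example_planted.dll",
     "Signed": "false", "Signature": "", "SignatureStatus": "Unavailable"},
    {"Image": MSDTC, "ImageLoaded": r"C:\Windows\System32\..\Temp\example_helper.dll",
     "Signed": "true", "Signature": "Example Software Ltd", "SignatureStatus": "Valid"},
    {"Image": r"C:\Windows\System32\notepad.exe", "ImageLoaded": r"C:\Temp\other.dll",
     "Signed": "false", "Signature": "", "SignatureStatus": "Unavailable"},
]

if __name__ == "__main__":
    for dll, reasons in suspicious_msdtc_loads(SAMPLE_EVENTS):
        print(f"{dll}: {', '.join(reasons)}")
```

The signature check matters as much as the path check: a hijacked DLL can sit inside a system directory, where a path-only rule would pass it.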