I recently came across an interesting technique used by many different ransomware groups that is used for data exfiltration. In this current age of ransomware, it is becoming more common to see double and sometimes triple extortion, where they are exfiltrating the data out before encrypting so as to have some leverage should the company not decide to pay up. One such tool being used is called Rclone https://rclone.org/ What is interesting about this tool, it's a self contained executable and doesnt have to be installed on Windows. You simply download the zip file, unzip it and you can start using it. Its strength lies in being able to communicate and upload to a large number of cloud storages via command line. A list of all the ones they currently support is found here: https://rclone.org/docs/ One of the ones I tested recently was its connection to Mega.io. If a company isnt blocking outbound to these cloud storages, they run the risk of easy data exfil via this tool. To set it
This is really informative blog, I have to thank for your efforts. Waiting for more post like this.
ReplyDeleteEthical Hacking Training in Chennai
Ethical Hacking Certification Training
Ethical Hacking Course Near Me
valuable blog,Informative content...thanks for sharing, Waiting for the next update...
ReplyDeleteCyber Security Course in Chennai
Cyber Security Training in Chennai
These include cloud computing, custom software and mobile application development, cybersecurity, and outsourced Managed Network Services which helps companies improve their technology uptime and IT capabilities while, at the same time, reduces costs. Blockchain Encryption Technology
ReplyDelete