US, Australian Authorities Warn of Avaddon Ransomware Wave of Attacks

Android banking trojan Teabot emerges, Threat actor controlled 27% of Tor exit nodes in February, UK's train company sends cruel phishing test to employees, Lemon Duck targets Microsoft Exchange, more

Please consider helping Metacurity survive and thrive. Consider becoming a paid subscriber today. Thank you!

The FBI and the Australian Cyber Security Centre have issued alerts warning about a wave of attacks carried out with the Avaddon ransomware strain.

Avaddon victims appear across numerous industry verticals and “compromise victims through remote access login credentials [e.g., remote desktop protocol (RDP) and virtual private network (VPN)] with single-factor authentication or improperly configured RDP.”  The Avaddon creators have also bragged about their ability to execute pressure-inducing distributed denial of service (DDoS) attacks against organizations, although the FBI hasn’t seen these attacks yet. (Catalin Cimpanu / The Record)

Related: Bleeping Computer

Italian cybersecurity and online fraud prevention firm Cleafy said that a new Android trojan called Teabot that hijacks users' credentials and SMS messages to facilitate fraudulent activities is being used against banks in…