A Brief Weekly Review of Top Stories that Dominated the Cyberworld

From the news covering Agent Tesla malware variants using new techniques to do away with antivirus security to Fonix ransomware planning to close down operations, the cybersecurity landscape saw a handful of events that remained the highlights of the outgoing week.

Here is the gist of the news items that made headlines.

Agent Tesla Malware Detected Using New Delivery & Evasion Methods

Agent Tesla malware variants was reportedly using new methods to try and eliminate endpoint antivirus security.

The Windows spyware now targets Microsoft’s Antimalware Scan Interface (AMSI) in a bid to beat endpoint protection software, while also employing a multi-stage installation process and exploiting Tor and Telegram messaging API to communicate with a command-and-control (C2) server.

Fonix ransomware sought to shut down operation

The cybercrime group behind the FonixCrypter ransomware announced on Twitter that they were planning on shutting down their operation.

The FonixCrypter gang, as a gesture of goodwill towards past victims, had also released a package containing a decryption tool, how-to instructions, and the ransomware’s master decryption key.

SonicWall SMA 100 zero-day exploited in the wild

According to a tweet by cybersecurity firm NCC Group, a SonicWall SMA 100 zero-day flaw was being actively exploited in the wild.

On January 22nd, SonicWall revealed that they experienced an attack on their internal systems using a “probable” zero-day susceptibility in specific SonicWall networking devices.