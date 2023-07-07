Hackers have recently been exploiting “newly identified Truebot malware variants against organizations” in Canada and the United States, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The CISA, alongside the FBI and the Canadian Center for Cybersecurity, issued a joint advisory on the matter. Truebot is a botnet that the notorious Clop ransomware group has utilized to extort millions of dollars globally. This advisory comes as authorities continue to investigate cyberattacks on U.S. federal agencies, which were attributed to a Russian group. The latest Truebot variants are exploiting vulnerabilities in the Netwrix Auditor application, as opposed to being delivered via email like previous versions. To address the threat, the CISA has provided guidance, including the implementation of appropriate vendor patches. Organizations are urged to promptly apply incident responses and mitigation measures if they identify any indicators of compromise within their environments, and to report intrusions to the CISA or the FBI.

