September 2024 TRU Intelligence Briefing

eSentire’s Threat Response Unit (TRU) is a team of industry-renowned experts with real-world experience who are battle-tested to protect you against the most advanced cyber threats. TRU is foundational to our Managed Detection and Response (MDR) service – no add-ons or additional cost required. Every month, TRU hosts a live webinar to share new research-driven observations of malware, notable vulnerabilities, threat actor groups, and cyber activity affecting the threat landscape. During the September Threat Intelligence Briefing, TRU will review: - Unpacking Trends Around Windows Installer Packages: An analysis of recent trends observed among our customers and the broader threat landscape, focusing on the misuse of Windows installer packages for malware infections. This discussion will cover MSI, MISX, and Inno Setup packages, how they are abused, recommendations for analysis, and the underground services fueling this trend. - Tactical Threat Response – App Installer Abuse: An overview of how threat actors utilize application installers to distribute malware, along with best practices for mitigating these risks. - Updates on Poseidon Stealer, Go Injector, and Play Ransomware. - Notable vulnerabilities impacting Versa, SolarWinds, and Apache. - A brief update on cyber activity relating to ongoing geopolitical tensions.