🟠 High | Source: The Register — Security
Microsoft has identified a sophisticated Windows backdoor called GigaWiper that combines at least three distinct malware families — including wiper and ransomware components — into a single modular tool. This makes it highly adaptable, allowing attackers to deploy destructive or extortion-based payloads from one package. The modular design significantly lowers the barrier for threat actors to cause widespread damage across targeted environments.
Security Architect’s Take: Prioritise endpoint detection coverage for Windows workloads in cloud-connected environments, particularly around Azure-joined or hybrid AD machines — ensure Microsoft Defender for Endpoint is fully deployed and that wiper-class behavioural detections are enabled. Review backup immutability controls and test recovery runbooks now, before a destructive payload is triggered.
Original advisory: Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package