An operations security (OpSec) failure by the threat group “FIN7” led to an unintentional exposure of their new tools, campaigns, and underground affiliations. Security researchers conducted a cyber-security operation that granted them access to the threat group’s communication channels, and have published reports that offer unique insight into one of the world’s most notorious threat groups. FIN7 was seemingly developing new loader malware, called Tirion, to replace the previously used “Carbanak” backdoor. Tirion features many new capabilities for information gathering, lateral movement, reconnaissance, and code execution. Researchers also uncovered new data about BadUSB attacks that occurred in early 2020. The reports will probably not significantly affect FIN7’s operations, but it is realistically possible that the group will modify some tactics, techniques, and procedures (TTPs) in response.