×

Register to Access Intelligence Summary

First Name
Last Name
Job Title
Company
Country
State
Thank you!
Error - something went wrong!
   

Weekly Intelligence Summary 02 April

Insurance provider CNA Financial has announced it was targeted in a cyber attack, later confirmed as involving the newly identified “Phoenix Cryptolocker” ransomware. Files on more than 15,000 devices were encrypted, including devices of employees working remotely. It is realistically possible that Phoenix Cryptolocker’s operators attacked CNA Financial as a steppingstone to attack its customers covered by cyber insurance policies, or to create a list of customers to potentially target. Organizations covered by cyber insurance are an attractive target for ransomware, because the attackers can tailor the ransom demand to the covered amount and increase the likelihood of receiving payment. Ransomware attacks will highly likely continue, and it is realistically possible that threat groups will continue to attempt supply-chain attacks to distribute ransomware.

Previous Post
Weekly: It’s A Ransomware Round-Up - CNA , Clop, and Much More!
Weekly: It’s A Ransomware Round-Up - CNA , Clop, and Much More!

ShadowTalk hosts Stefano, Dylan, Kim, and Chris bring you the latest in threat intelligence.

Next Report
Initial Access Brokers Report
Initial Access Brokers Report

Initial access brokers are benefitting from a rise in adoption of remote access software. This Initial Acce...

×

Threat Intel Fan?

Sign up below to get our TI updates delivered to your inbox!

First Name
Last Name
Company
Country
State- optional
Job Title
Thank you!
Error - something went wrong!