Colonial Pipeline Company fell victim to a cyber attack that resulted in 5,500 miles of its US fuel pipelines being shut down, causing public distress and fears of fuel shortages. The attack was attributed to the ransomware group “DarkSide”, but was likely conducted by one of its affiliates. The group responded quickly to the attack, claiming that DarkSide’s only motive is financial gain, and that they do not want to create problems for society. They also announced that the group will begin approving or denying encryption of any companies the group’s affiliates want to target, to avoid future social consequences. Regardless of such efforts to distance the group from the attack, the consequences could be significant for DarkSide; the involvement of US government agencies and law enforcement will likely add pressure to the group’s operations, and the arrest of DarkSide’s members and/or the responsible affiliate is a realistic possibility.
Other content in this Stream
A newly identified advanced persistent threat (APT) group, “Agrius”, has been exposed as the perpetrator of destructive attacks against Israeli organizations since late 2020.
ShadowTalk hosts Stefano, Adam, Kim, and Dylan bring you the latest in threat intelligence.
US President Joe Biden recently signed an executive order (EO) aimed at strengthening network security for US federal government departments, and agencies and contractors working with them.
This guide shares years of operational best practices and expands on where dark web intelligence is useful and can be effectively leveraged into action for security teams.
ShadowTalk hosts Sean, Alec, Ivan, and Charles bring you the latest in threat intelligence.
A “Conti” ransomware attack on Ireland’s healthcare system, the Health Service Executive (HSE), significantly delayed the delivery of medical laboratory results and affected many outpatient services.
ShadowTalk hosts Stefano, Chris, Kim, and Xue bring you the latest in threat intelligence.
ShadowTalk hosts Alec, Ivan, Sean, and Digital Shadows CISO, Rick, bring you the latest in threat intelligence.
Security researchers discovered two unrelated cyber-threat campaigns targeting Microsoft SharePoint.
This guide outlines best practices for cyber threat intelligence and features resources to leverage when developing or improving your organization's cyber threat intelligence capabilities.
ShadowTalk hosts Alec, Ivan, Charles, and newcomer, Sean, bring you the latest in threat intelligence.
The FBI made digital copies of malicious web-shells before removing them from hundreds of vulnerable servers in the US, without any warning to affected organizations.
ShadowTalk hosts Stefano, Adam, Kim, and Chris bring you the latest in threat intelligence.
A cyber-espionage campaign was found targeting the Vietnamese military and government, as well as other sectors and some entities in Thailand and Central Asia.
Initial access brokers are benefitting from a rise in adoption of remote access software. This Initial Access Brokers Report analyzes this phenomenon and what it means for security practitioners.
The new Internet of Things (IoT) botnet ZHtrap has been turning devices it has infected into honeypots, in a novel technique that highlights yet another risk presented by exposed IoT devices.
Let’s start with a scenario. You’ve finally convinced the business to begin the journey of building up a threat intelligence ...
This guide draws from best practices suggested in SearchLight’s playbooks, so security professionals can improve their tools and processes to prevent employee account takeover.
When selecting the optimal Cyber Threat Intelligence solution for your organization, use this guide to assess threat intelligence providers across 6 critical categories.