“Buckeye” APT group used Equation Group tools before 2017 leak

Digital Shadows

Kacey and Alex join HVR to talk through the key stories this week, including a new threat group called “Mirrorthief” conducting “Magecart”-like digital skimming attacks against university websites; various code-sharing repositories being targeted and held for ransom by an unknown threat actor; and new ransomware, “Sodinokibi”, which used a zero-day vulnerability in Oracle WebLogic.

Simon Hall and Dr. Richard Gold then join to dive into the “Buckeye” APT group, which has recently been said to have developed its own version of a tool that was likely created by the U.S. National Security Agency (NSA) prior to being leaked by the “ShadowBrokers” in 2017.

Read the full findings at https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-02-may-09-may-2019.
