Weekly: Ransomware Resurgence - The Return of FIN8, DarkSide, and More!

March 19, 2021 Digital Shadows

ShadowTalk hosts Stefano, Adam, Kim, and first-timer Chris bring you the latest in threat intelligence. This week they cover:

  • Kim takes us through the return of FIN8 - what are the updates to the “BadHatch” backdoor
  • Chris discusses DarkSides recent resurgence after a quiet period - what’s the latest?
  • Microsoft Exchange exploit update - the team discuss
  • How are threat actors and cybercriminals using ProxyLogon vulnerabilities?

Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-19-march

***Resources from this week’s podcast***

FIN8: https://labs.bitdefender.com/2021/03/fin8-group-is-back-in-business-with-improved-badhatch-kit/

DarkSide: https://www.infosecurity-magazine.com/news/darkside-20-ransomware-fastest/

ProxyLogon: https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/

https://www.vice.com/en/article/n7vpaz/researcher-publishes-code-to-exploit-microsoft-exchange-vulnerabilities-on-github

Features: https://www.vice.com/en/article/pkdnkz/escape-zoom-meetings-by-faking-technical-issues-and-crying-with-this-app

https://attack.mitre.org/techniques/T1090/003/

https://attack.mitre.org/software/S0398/

Mapping MITRE to Microsoft Blog: https://www.digitalshadows.com/blog-and-research/mapping-mitre-attack-to-microsoft-exchange-zero-day-exploits/

Revisiting Spectre Blog: https://www.digitalshadows.com/blog-and-research/revisiting-the-spectre-and-meltdown-vulnerabilities/

Monitoring for Supplier Risks Blog: https://www.digitalshadows.com/blog-and-research/monitoring-for-risks-coming-from-suppliers/

FBI IC3 Blog: https://www.digitalshadows.com/blog-and-research/fbi-ic3-2020/

Also, don’t forget to reach out to - shadowtalk@digitalshadows.com

Previous Post
Special: Creator of Zero Trust John Kindervag Talks Origins and the Future of Zero Trust!
Special: Creator of Zero Trust John Kindervag Talks Origins and the Future of Zero Trust!

Digital Shadows CISO Rick hosts this edition of ShadowTalk. He’s joined by special guest John Kindervag, cr...

Next Report
Weekly Intelligence Summary 19 March
Weekly Intelligence Summary 19 March

Four zero-day vulnerabilities in Microsoft Exchange Servers have been linked to more than 30,000 cyber atta...

×

Cyber Threat Intelligence Solutions Guide

First Name
Last Name
Company
Job Title
Country
Thank you!
Error - something went wrong!