Weekly: SandWorm Indicted by DOJ, Darkside Has A Soft Spot, and Ryuk's Super Speedy Attack!

October 23, 2020 Digital Shadows

ShadowTalk hosts Kacey, Alec, Austin, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover: 

  • SandWorm and its link to Russia’s GRU - what’s their history and what does this mean?
  • The Darkside ransomware group takes a philanthropic approach to cybercrime
  • Ryuk leverages Bazar Loader and Zerologon vulnerability in their recent (and very speedy) attack
  • Plus: The group discusses their favorite WiFi names

Get this week’s intelligence summary at https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-23-october-2020

***Resources from this week’s podcast***

GRU Indictment: https://www.justice.gov/opa/press-release/file/1328521/download

Darkside: https://www.zdnet.com/article/ransomware-gang-donates-part-of-ransom-demands-to-charity-organizations/

Ryuk: https://thedfirreport.com/2020/10/18/ryuk-in-5-hours/

Charitable Cybercriminals Blog: https://www.digitalshadows.com/blog-and-research/charitable-endeavors-on-cybercriminal-forums/

Digital Shadows Darkside Blog: https://www.digitalshadows.com/blog-and-research/darkside-the-new-ransomware-group-behind-highly-targeted-attacks/

High Profile Arrests Blog: https://www.digitalshadows.com/blog-and-research/recent-arrests-and-high-profile-convictions-what-does-it-mean-for-the-cyber-threat-landscape/

Ransomware Trend Q3 Blog: https://www.digitalshadows.com/blog-and-research/ransomware-trends-in-q3/

Dark Pathways Into Cybercrime Blog: https://www.digitalshadows.com/blog-and-research/dark-pathways-into-cybercrime-minding-the-threat-actor-talent-gap/

Previous Report
Weekly Intelligence Summary 13 November
Weekly Intelligence Summary 13 November

The North Korean cyber-threat group “Kimsuky” has caught the attention of the US Cybersecurity and Infrastr...

Next Report
Weekly Intelligence Summary 23 October 2020
Weekly Intelligence Summary 23 October 2020

A ruthless, ever-evolving cyber-threat group, “FIN11”, has been discovered deploying “Clop”: ransomware tha...