A new round of software attacks has raised another red flag concerning supply-chain security and the prevalence of third-party supply-chain targeting. Cybercriminals exploited four zero-day vulnerabilities in Accellion’s File Transfer Appliance (FTA) software, which was nearing End-of-Life (EoL) status, to access Accellion customers’ data. The attacks allegedly began in December 2020, and in the following two months victims received ransom notes from the cybercriminals who operate the “Clop” ransomware. The notes stated that the victims’ data would be exposed unless payments were made. These attacks mark a technical advancement for cybercriminal groups: Supply-chain attacks and exploitation of zero-day vulnerabilities are common, but are more typically the work of state-sponsored groups.
Other content in this Stream
Cyber Threat Intelligence Solutions Guide
This guide outlines best practices for cyber threat intelligence and features resources to leverage when developing or improving your organization's cyber threat intelligence capabilities.
Cyber Threat Intelligence Resources
A compilation of some of our favorite readings, resources, and tools that relate to Cyber Threat Intelligence.
Weekly: Facebook Data Breach, Ransomware Cartel, and More!
ShadowTalk hosts Alec, Ivan, Charles, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
Weekly Intelligence Summary 09 April
A user of the cybercriminal forum RaidForums has offered 533 million records of Facebook user data for only a few US dollars.
Digital Shadows and the Intelligence Cycle
This illustration of the intelligence cycle will allow you to see what we do at each stage of the cycle to ensure we effectively answer stakeholder requirements.
Weekly: It’s A Ransomware Round-Up - CNA , Clop, and Much More!
ShadowTalk hosts Stefano, Dylan, Kim, and Chris bring you the latest in threat intelligence.
Weekly Intelligence Summary 02 April
Insurance provider CNA Financial has announced it was targeted in a cyber attack, later confirmed as involving the newly identified “Phoenix Cryptolocker” ransomware.
Weekly: More on Microsoft and Acer Receives $50 Million in Ransom Demands
ShadowTalk hosts Alec, Austin, Charles, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
Weekly Intelligence Summary 26 March
The new Internet of Things (IoT) botnet ZHtrap has been turning devices it has infected into honeypots, in a novel technique that highlights yet another risk presented by exposed IoT devices.
Special: Creator of Zero Trust John Kindervag Talks Origins and the Future of Zero Trust!
Digital Shadows CISO Rick hosts this edition of ShadowTalk. He’s joined by special guest John Kindervag, creator of Zero Trust and Senior Vice President, Cybersecurity Strategy at ON2IT Cybersecurity.
Weekly: Ransomware Resurgence - The Return of FIN8, DarkSide, and More!
ShadowTalk hosts Stefano, Adam, Kim, and first-timer Chris bring you the latest in threat intelligence.
Weekly Intelligence Summary 19 March
Four zero-day vulnerabilities in Microsoft Exchange Servers have been linked to more than 30,000 cyber attacks taking place in the week following their discovery.
Initial Access Brokers Report
Initial access brokers are benefitting from a rise in adoption of remote access software. This Initial Access Brokers Report analyzes this phenomenon and what it means for security practitioners.
Weekly: Supply Chain Compromise Round-Up - Microsoft, Verkada, and More!
ShadowTalk hosts Alec, Ivan, Charles, and Austin bring you the latest in threat intelligence. This week they cover: - The team discuss HAFNIUM and Microsoft Servers Exchange - Updates on the...
Threat Intelligence Can Be Noisy: SearchLight Helps
Let’s start with a scenario. You’ve finally convinced the business to begin the journey of building up a threat intelligence ...
1:06Silence the Noise | Digital Shadows
Threat intelligence is noisy. Tune out the noise with Digital Shadows. Visit www.digitalshadows.com to schedule a demo today!
Weekly Intelligence Summary 26 February
The People’s Republic of China-linked advanced persistent threat group “APT31” reportedly cloned and deployed a zero-day exploit developed by NSA's Equation Group in 2013.
Weekly: When Initial Access Brokers Attack
ShadowTalk hosts Alec, Ivan, Charles, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
Weekly: Egregor Arrests, SIM-Swapping, and Oldsmar Updates!
ShadowTalk hosts Stefano, Adam, Dylan, and Kim bring you the latest in threat intelligence.