Weekly Intelligence Summary 14 Feb - 21 Feb 2019

February 22, 2019

Share this Report
Facebook
Twitter
Email
LinkedIn

Highlights from the week include: A new financially motivated threat actor advertised up to 841 million data records for sale on Dream Market; “APT-C-36” has targeted multiple Colombian sectors, including government, in an ongoing cyber espionage campaign; and the “Gandcrab” ransomware has been delivered through the Kaseya VSA plug-in vulnerability.

Previous Report

Weekly Intelligence Summary 22 Feb - 01 Mar 2019

• Highlights from the week include: The fifth substantial ransomware report produced in two weeks described...

Next Report

Weekly Intelligence Summary 07 Feb - 14 Feb 2019

Your Practical Guide to Reducing Digital Risk

Get Your Copy!

Most Recent Flipbooks

Weekly Intelligence Summary 05 Sep - 12 Sep 2019

Weekly Intelligence Summary 14 Feb - 21 Feb 2019

Previous Report

Next Report

Most Recent Flipbooks

In the spotlight this week: Following reports that “APT3” used Equation Group tools prior to their public leak by the “Shadow Brokers” in 2016, cyber security researchers have provided additional ...

In the spotlight this week: A surge in financially motivated cyber-attack campaigns has been attributed to “Silence”, which is a probably Russian cybercriminal group.

Weekly highlights: A new campaign by the “Gamaredon” group may have targeted Ukrainian government bodies, a new ransomware variant dubbed Nemty was likely distributed through compromised remote desk

Weekly highlights include: An additional 30 organizations were reportedly compromised alongside Capital One in the July 2019 breach; the “Danabot” banking trojan has been targeting financial, retail,

In the spotlight this week are details of ongoing sextortion campaigns which consistently use unsophisticated tactics and techniques to target users indiscriminately.

Weekly highlights focus on: the Russia-associated “APT28” threat group targeting Internet of Things (IOT) devices to access corporate networks, ten new information-stealing trojans targeting financial

Weekly highlights include: Capital One reported a data breach after an individual accessed an Amazon Web Services (AWS) server used by the organization, cyber espionage operations associated with Ch..

Entering the spotlight this week is the new “DoppelPaymer” ransomware, which bears resemblance to the “Indrik Spider”-associated “BitPaymer” ransomware.

Two previously unseen malware variants have been attributed to the financially motivated “TA505” in attacks on various organizations worldwide, even as the threat group continues to rely on commonly u

A campaign dubbed Operation Soft Cell has been actively compromising telecommunications organizations since early 2017.

In the spotlight this week is a cyber-threat campaign involving the abuse of legitimate features in Google Calendar.

An indiscriminate malicious cryptocurrency campaign is targeting entities in China using fileless malware techniques, readily available PowerShell exploit tools, and variants of the open-source crypto

The spotlight this week illuminates new Linux malware, dubbed HiddenWasp, which has been identified in the wild. It is an amalgamation of other open-source Linux malware variants and shares some sourc

The China-affiliated threat group “APT3” has recently been said to develop its own version of a tool that was likely created by the United States NS) prior to being leaked by the “ShadowBrokers”.

Two separate campaigns draw similarities in the use of uncommon and underreported social engineering and delivery mechanisms to compromise a user’s machine with information stealing malware.