Weekly Intelligence Summary 14 Feb - 21 Feb 2019

February 22, 2019

Share this Report
Facebook
Twitter
Email
LinkedIn

Highlights from the week include: A new financially motivated threat actor advertised up to 841 million data records for sale on Dream Market; “APT-C-36” has targeted multiple Colombian sectors, including government, in an ongoing cyber espionage campaign; and the “Gandcrab” ransomware has been delivered through the Kaseya VSA plug-in vulnerability.

Previous Report

Weekly Intelligence Summary 22 Feb - 01 Mar 2019

• Highlights from the week include: The fifth substantial ransomware report produced in two weeks described...

Next Report

Weekly Intelligence Summary 07 Feb - 14 Feb 2019

Your Practical Guide to Reducing Digital Risk

Get Your Copy!

Most Recent Flipbooks

Weekly Intelligence Summary 11 Jul - 18 Jul 2019

Weekly Intelligence Summary 14 Feb - 21 Feb 2019

Previous Report

Next Report

Most Recent Flipbooks

Entering the spotlight this week is the new “DoppelPaymer” ransomware, which bears resemblance to the “Indrik Spider”-associated “BitPaymer” ransomware.

Two previously unseen malware variants have been attributed to the financially motivated “TA505” in attacks on various organizations worldwide, even as the threat group continues to rely on commonly u

A campaign dubbed Operation Soft Cell has been actively compromising telecommunications organizations since early 2017.

In the spotlight this week is a cyber-threat campaign involving the abuse of legitimate features in Google Calendar.

An indiscriminate malicious cryptocurrency campaign is targeting entities in China using fileless malware techniques, readily available PowerShell exploit tools, and variants of the open-source crypto

The China-affiliated threat group “APT3” has recently been said to develop its own version of a tool that was likely created by the United States NS) prior to being leaked by the “ShadowBrokers”.

Two separate campaigns draw similarities in the use of uncommon and underreported social engineering and delivery mechanisms to compromise a user’s machine with information stealing malware.

In the spotlight: Information about APT34, including victim data, personally identifiable information belonging to the group’s alleged members, and the group’s tools, has been leaked on Telegram.

In the spotlight: An unidentified threat actor has obtained data from various personal Outlook, MSN, and Hotmail email accounts by compromising a Microsoft customer support account.

“Fin6” has reportedly widened its range of attacks to include ransomware, potentially inciting the threat group to extend targeting beyond retail and hospitality entities.

Highlights from the week include: “APT33” targeting American and Saudi engineering and manufacturing organizations, Earl Enterprises restaurants being affected by point of sale (POS) malware, and ...

In the spotlight this week, the server of device manufacturer ASUS was compromised by an unknown threat actor, pushing backdoor malware to at least 500,000 users’ devices. Despite the scale, this wa..

Highlights from the week include: Threat group “APT-C-27” exploiting a flaw in WinRAR software to target users in the Middle East, a fourth batch of breached data offered for sale on the dark web by

Highlights from the week include the targeting of universities’ research facilities by Chinese threat group “APT40”, the attribution of a data breach against a Singapore healthcare center in 2018 to t

This week the team looks at Fin6, who has begun regularly targeting card-not-present data on e-commerce websites. Other highlights from this week include Topps disclosing a data breach incident linked