- In the spotlight: Information about APT34, including victim data, personally identifiable information belonging to the group’s alleged members, and the group’s tools, has been leaked on Telegram. This is likely to disrupt APT34 operations during the next six to 12 months.
- Highlights from the week include: A phishing campaign leverages legitimate web services to deliver RevengeRAT; a breach of an IT outsourcing firm is tentatively linked to a campaign targeting gift card providers; and further details on the ASUS server compromise implicate the attackers behind ShadowHammer.
- Forward look: It is possible that organizations that are perceived to have acted against WikiLeaks will be targeted under the hacktivist operation OpAssange.
Your Practical Guide to Reducing Digital Risk
Get Your Copy!Most Recent Flipbooks
Weekly Intelligence Summary 05 Sep - 12 Sep 2019
In the spotlight this week: Following reports that “APT3” used Equation Group tools prior to their public leak by the “Shadow Brokers” in 2016, cyber security researchers have provided additional ...
Weekly Intelligence Summary 29 Aug - 05 Sep 2019
In the spotlight this week: A surge in financially motivated cyber-attack campaigns has been attributed to “Silence”, which is a probably Russian cybercriminal group.
Weekly Intelligence Summary 22 Aug - 29 Aug 2019
Weekly highlights: A new campaign by the “Gamaredon” group may have targeted Ukrainian government bodies, a new ransomware variant dubbed Nemty was likely distributed through compromised remote desk
Weekly Intelligence Summary 15 Aug - 22 Aug 2019
Weekly highlights include: An additional 30 organizations were reportedly compromised alongside Capital One in the July 2019 breach; the “Danabot” banking trojan has been targeting financial, retail,
Weekly Intelligence Summary 08 Aug - 15 Aug 2019
In the spotlight this week are details of ongoing sextortion campaigns which consistently use unsophisticated tactics and techniques to target users indiscriminately.
Weekly Intelligence Summary 01 Aug - 08 Aug 2019
Weekly highlights focus on: the Russia-associated “APT28” threat group targeting Internet of Things (IOT) devices to access corporate networks, ten new information-stealing trojans targeting financial
Weekly Intelligence Summary 25 Jul - 01 Aug 2019
Weekly highlights include: Capital One reported a data breach after an individual accessed an Amazon Web Services (AWS) server used by the organization, cyber espionage operations associated with Ch..
Weekly Intelligence Summary 11 Jul - 18 Jul 2019
Entering the spotlight this week is the new “DoppelPaymer” ransomware, which bears resemblance to the “Indrik Spider”-associated “BitPaymer” ransomware.
Weekly Intelligence Summary 04 Jul - 11 Jul 2019
Two previously unseen malware variants have been attributed to the financially motivated “TA505” in attacks on various organizations worldwide, even as the threat group continues to rely on commonly u
Weekly Intelligence Summary 20 Jun - 27 Jun 2019
A campaign dubbed Operation Soft Cell has been actively compromising telecommunications organizations since early 2017.
Weekly Intelligence Summary 13 Jun - 20 Jun 2019
In the spotlight this week is a cyber-threat campaign involving the abuse of legitimate features in Google Calendar.
Weekly Intelligence Summary 06 Jun - 13 Jun 2019
An indiscriminate malicious cryptocurrency campaign is targeting entities in China using fileless malware techniques, readily available PowerShell exploit tools, and variants of the open-source crypto
Weekly Intelligence Summary 30 May - 06 Jun 2019
The spotlight this week illuminates new Linux malware, dubbed HiddenWasp, which has been identified in the wild. It is an amalgamation of other open-source Linux malware variants and shares some sourc
Weekly Intelligence Summary 02 May - 09 May 2019
The China-affiliated threat group “APT3” has recently been said to develop its own version of a tool that was likely created by the United States NS) prior to being leaked by the “ShadowBrokers”.
Weekly Intelligence Summary 25 Apr - 02 May 2019