×

Register to Access Intelligence Summary

First Name
Last Name
Job Title
Company
Country
State
Thank you!
Error - something went wrong!
   

Weekly Intelligence Summary 19 June 2020

June 19, 2020

Two malware variants used in simultaneous cyber-threat campaigns against United States utility entities have been linked to a single threat group. New research into the “FlowCloud” and “LookBack” variants showed similarities that extend beyond targeting. Both are sophisticated remote-access trojans (RATs) that use sector-specific spearphishing emails and other overlapping tactics, techniques, and procedures (TTPs). Researchers have begun to track the operators of FlowCloud and LookBack as “TA410”, likely a capable and persistent group that poses a credible threat to utility entities; TA410’s ability to access services and processes, using LookBack and FlowCloud, would likely enable the group to control or manipulate compromised networks and halt critical functions, as well as steal sensitive business data.

Previous Report
Weekly Intelligence Summary 26 June 2020
Weekly Intelligence Summary 26 June 2020

A cyber-threat campaign was discovered exploiting an Adobe Campaign redirection flaw and abusing mail serve...

Next Report
Weekly Intelligence Summary 12 June 2020
Weekly Intelligence Summary 12 June 2020

The “Maze” group recently began collaborating with other ransomware operators by hosting their victims’ lea...

×

Want these
Threat Intelligence reports sent straight to your inbox?

Subscribe below!

First Name
Last Name
Company
Country
State- optional
Job Title
Thank you!
Error - something went wrong!