ShadowTalk Update – Ed Merrett Joins To Talk HackableYou And The Latest In Threat Intel

Digital Shadows Analyst Team
September 21, 2020 | 2 Min Read

This week’s host Kacey is joined by Charles and Alec to bring you the latest in threat intelligence. In this episode they cover: 

  • Visa issues a warning about new credit card skimmer “Baka”
  • Epic Manchego – Atypical malicious document delivery
  • What is Smaug and how does it operate?
  • Emotet – are there new developments and why did France send an advisory?

Listen below 👇👇

ShadowTalk Threat Intelligence Podcast · Weekly: The Team Talks Baka, Epic Manchego, and Smaug, Plus Emotet Rides Again

89 vulnerabilities found in content management systems

Users of popular content management systems (CMS) are exposed to several cyber threats following the discovery of 89 vulnerabilities across widely used platforms, including WordPress, Joomla, Drupal, and OpenCart. The discovery followed research into the rising number of web defacements observed between July 2019 and May 2020. Arbitrary file upload vulnerabilities were the most common issue, and may permit attackers to upload shell scripts onto web servers, facilitate remote code execution, and deface websites. The number of potential victims exposed to the 89 vulnerabilities is likely to be high, because CMS platforms are typically used for web content management and support a wide variety of industries and purposes.

NetWalker ransomware disrupts Pakistani electricity provider

K-Electric, Pakistan’s largest private utility company, was hit by a “NetWalker” ransomware attack that disrupted its online and billing services. The attack did not affect K-Electric’s ability to provide power, but could have had serious implications, given that K-Electric is the sole provider of electricity in Karachi. The incident highlights the growing trend of ransomware actors targeting sectors involved in critical national infrastructure, which could have dangerous consequences.

Chinese threat actors targeting US entities through Exchange, Citrix, F5 flaws

Chinese state-associated threat actors have been observed exploiting multiple vulnerabilities to target government entities and the private sector within the US. The flaws affect Citrix, Microsoft Exchange, Pulse VPN, and F5 Networks. After gaining initial access, the threat actors use a series of tools to establish persistence and move laterally. Many of the vulnerabilities were exploited earlier this year by Iranian threat actors, in a campaign now being tracked as Fox Kitten.

For more details, read the full Weekly Intelligence Summary here:

Weekly Intelligence Summary 18 September 2020
