ShadowTalk Update – Law Enforcement Cracks Down On Cybercriminals, Fancy Bear Goes Phishing, And More

Digital Shadows Analyst Team
September 28, 2020 | 2 Min Read

ShadowTalk hosts Kacey, Charles, Alec and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover:

  • A member of TheDarkOverlord was sentenced to multiple years in prison, APT41 members have been charged with computer crimes, and 179 cybercriminals have been arrested for pushing illicit drugs and weapons on criminal marketplaces
  • Fancy Bear activity uses NATO training documents for a phishing campaign
  • Activision suffers a potential data breach – what we know
  • University Hospital targeted by ransomware attack – the team discusses


Iranian threat actors indicted for cyber espionage

A federal court in Virginia, US, has unsealed an indictment for three Iranian individuals accused of a coordinated cyber-espionage campaign. Using identity theft, social engineering, and data theft, the threat actors reportedly targeted technology-related information from aerospace and satellite tracking organizations in the US, the UK, Singapore, Israel, and Australia. The perpetrators were reportedly working on behalf of Iran’s Islamic Revolutionary Guard Corps.

URSA trojan wielded against Spanish-, Portuguese-speaking countries

Researchers reported on a wave of attacks using the “URSA” trojan against a wide range of Spanish- and Portuguese-speaking countries. In an attack campaign that occurred between June and September 2020, the malware attacked victims in Mexico, Brazil, Spain, Portugal, Italy, Bolivia, Chile, Argentina, Ecuador, Peru, Paraguay, Colombia, and Costa Rica. The trojan demonstrated sophisticated techniques to steal passwords and banking information while evading anti-virus detection mechanisms.

Emergency CISA warning about Zerologon in Windows servers

The US Cybersecurity and Infrastructure Security Agency (CISA) released an emergency directive warning users of the Zerologon vulnerability affecting Microsoft Windows servers. The flaw was addressed on Microsoft’s Patch Tuesday, but CISA warned that it is highly likely threat actors will exploit unpatched versions. The vulnerability reportedly poses a significant risk and requires immediate action, especially as exploit code for the flaw was discovered in the wild. It is highly likely that threat actors will take advantage of vulnerable, unpatched systems in the short-term future (one to three months).

For more details, read the full Weekly Intelligence Summary here:

Weekly Intelligence Summary 25 September 2020
