ShadowTalk Update – Maze Ransomware Alliance, EndGame DDoS Protection Tool, And Ransomware Disguises

Digital Shadows Analyst Team
June 15, 2020

Alex is joined by Kacey and Charles this week to chat through the top threat intel stories of the week.

This week’s highlights include:

  • Zorab Ransomware Disguised as STOP Djvu Ransomware
  • Endgame: New DDoS protection tool advertised on the dark web
  • Sodinokibi Ransomware Group updates and Maze ransomware alliance


Chinese and Iranian state hackers target US presidential campaigns

On 04 Jun 2020, security researchers reported that staff members of the United States presidential campaigns of Donald Trump and Joe Biden were being targeted by Chinese and Iranian state-sponsored hackers. The hackers delivered spearphishing email messages to the staff members, although there were no signs of compromise. According to the Google Threat Analysis Group, the latest attacks were attributed to “APT31”, a Chinese state-sponsored group, and “APT35”, an Iranian state-sponsored group.

Tycoon ransomware operators go after education, software

On 04 Jun 2020, security researchers reported on a newly uncovered form of ransomware, dubbed Tycoon, that affects Windows and Linux systems. The threat actors using Tycoon have been active since December 2019, targeting organizations in the education and software industries. They use their privileges to disable anti-malware software, use ProcessHacker to remove obstacles to their attacks, and demand a ransom that increases over time if payment is not made. Security researchers believe that Tycoon may be linked to the “Dharma” ransomware, given similarities in email addresses and encrypted-file names.

CISA warns of hurricane-related scams

The United States Cybersecurity and Infrastructure Security Agency (CISA) released a statement that warned people to remain vigilant and aware of potential cyber threats during the Atlantic hurricane season, which officially began on 01 June 2020. The statement highlighted the potential for cybercriminals to target disaster victims and charitable donors following a hurricane. CISA recommended exercising caution in handling email messages with hurricane-related subject lines, attachments, or hyperlinks.

For more details, read the full Weekly Intelligence Summary:

Weekly Intelligence Summary 12 June 2020
