ShadowTalk Update – New Zealand Stock Exchange faces DDoS, Tesla avoids cyberattack, and Pioneer Kitten updates

Digital Shadows Analyst Team
September 7, 2020 | 2 Min Read

Adam, Kim, Demelza and Stefano discuss the latest threat intel updates. On this episode, they cover:

  • New Zealand Stock Exchange DDoS attacks: Services affected & extent of impact
  • Tesla employee thwarts cyberattack: Developments & internal threats
  • Pioneer Kitten observed monetizing cyber activity
  • Information about Slack vulnerability
  • Tor Project launches membership program: why & what does this mean?


Pioneer Kitten sells stolen swag on underground forum


Researchers claim that the Iranian state-associated threat group “Pioneer Kitten” has begun selling access to networks compromised during the three-year-long Fox Kitten cyber-threat campaign. Posts to an unnamed underground forum in late July 2020 suggested that the group was attempting to monetize network accesses that were no longer of interest to the Iranian state. This is atypical of state-linked groups, which seldom seek to monetize information obtained from their victims. It is realistically possible that more accesses and/or data will be advertised for sale in the mid-term future.

FBI indictment sheds light on Tesla attack attempt

Following reports that an employee at the US-based technology firm Tesla had foiled a potential cyber attack, the FBI indicted a Russian national named Egor Igorevich Kriuchkov, who was purportedly involved in plotting the attack. Kriuchkov is accused of attempting to coerce the employee by offering USD 1 million in cryptocurrency or cash to insert malware into Tesla’s network. It is realistically possible that this individual is associated with the “Ragnar Locker” ransomware group, given his claims to have extorted a previous victim of Ragnar Locker and benefitted from the attack.

New cryptomining malware targets Eastern Europe

A new strain of cryptomining malware, named KryptoCibule, has been identified by researchers. The malware, which targets Microsoft Windows systems, has been active since at least December 2018 and has reportedly been updated 70 times since then. KryptoCibule is capable of installing cryptomining software, stealing user wallet details, and replacing wallet addresses in the victim’s clipboard to hijack payments. It is being spread through infected torrent files for pirated software, a distribution method that remains a credible threat to users.

For more details, read the full Weekly Intelligence Summary here:

Weekly Intelligence Summary 04 September 2020
