Trending News

Am I part of the problem?
The supply chain is changing, of that there can be no doubt. Just a few short years ago, it was a linear, mostly one-dimensional structure that was relatively easy to police and manage. However, this is absolutely no longer the case, with many different actors now involved – ranging from start-ups and solo entrepreneurs to multinational corporations.

Effective ransomware prevention: Insights from Conti Playbook
Our customers regularly ask us what more they can do to prevent ransomware outbreaks. Our experience has shown us that the correct way to counter cyber attacks is a solid, step-by-step detection and response (D&R) foundation. Recently we’ve had the opportunity to look at this from the perspective of attackers, thanks to a massive leak of inside information and data from one of the big Ransomware as a Service (RaaS) groups: Conti.

Detection of New Infostealer Malware DUCKTAIL
WithSecure™ has discovered an ongoing operation, dubbed “DUCKTAIL”, that targets individuals and organizations operating on Facebook’s Ads and Business platform. Based upon analysis and gathered data, WithSecure™ has high confidence that the operation is conducted by a Vietnamese threat actor. The chain of evidence suggests that the threat actor’s motives are financially driven.

New unit to bring intelligence-driven protection to defenders
The world’s increasingly fraught geopolitical situation has precipitated a concerning variety of cyber attacks targeting individuals, corporations, civil infrastructure, and governments. These threats have become progressively abundant and sophisticated in nature, leading WithSecure™ to create a new unit to help combat these adversaries.

What is the point of a red team?
It’s pretty common for people to ask us for a red team engagement to understand if their organisation can be breached. Well, every organisation can be breached—you don’t need an expensive red team to prove that. You won’t get all the information you need from a red team; a purple team might be better. At this point, there’s often a bit of confusion. Here are some of the things we look for when we are considering selling a red team service.

July 2022 Threat report

Summary:

  • Trickbot group attacks Ukraine.
  • Brute Ratel being abused by threat actors.
  • Black Basta on the rise.
  • Ransomware: Trends and notable reports.
    • BlackCat under the spotlight.
    • Vice Society.
    • A closer look at LockBit 3.0.
    • Hive joins BlackCat in using Rust.
    • CISA produce alert on MedusaLocker.
    • HavanaCrypt, a new group with novel tactics.
  • Q2 statistics from Digital Shadows.
  • Other notable highlights in brief.
  • Threat data highlights.
  • Research highlights: Ducktail: An infostealer malware targeting Facebook business accounts.