Digital Shadows

In this week’s episode Shadow Talk, it’s a vulnerability extravaganza. We cover malicious use of legitimate software, as APT28 attributed to hijacking LoJack and Blackrouter delivered via AnyDesk software. Vulnerabilities found (and exploited) in GPON home routers, and Loki Bot exploits two remote code execution vulnerabilities in Microsoft Office (CVE-2017-8570 and CVE-2018-0802).

In this week’s episode of Shadow Talk, we cover the targeting of healthcare organizations by Orangeworm, BGP hijacking, vulnerabilities in MikroTik routers, DDoS market shutdowns, and the profitability of cryptocurrency mining.

In this week’s episode of Shadow Talk, we cover Russia’s attempts to ban the social messaging app, and also read between the lines of the joint US and UK advisory on network infrastructure compromises by Kremlin-backed actors. We also outline new ransomware payloads incorporated into the Magnitude exploit kit and we bring you the latest news on vulnerabilities in the Drupal Platform and Cisco’s Webex software.

This week’s Shadow Talk discusses a Cisco Smart Install Client flaw exploited in disruption attack, an information leak vulnerability discovered in Microsoft Outlook, details on OpIcarus and OpIsrael, Verizon DBIR, and why you still should be excited about the RSA Conference.

Rafael Amado and Michael Marriott join this week’s Shadow Talk, taking a deep dive into our recent report “Too Much Information”. The research discovered over 1.5 billion files from a host of services, including Amazon S3 buckets, rsync, SMB, FTP, NAS drives, and misconfigured websites. To learn more, download the full report at https://info.digitalshadows.com/FileSharingDataExposureResearch-Podcast.html.

This week’s Shadow Talk discusses what the re-emergence of WannaCry, exposure of Aggregate IQ data, exposure of 1.5 billion files through misconfigured services, as well as lessons learned from the Panera breach, an emerging new criminal market, and much more.

This week’s Shadow Talk discusses what the Cambridge Analytica revelations mean for disinformation and personal privacy, updates to Trickbot, Zeus Panda and Remnit trojans, City of Atlanta suffers from ransomware attack, and Dragonfly campaign attribution to Russian Government.

This week’s Shadow Talk outlines the latest techniques in tax return fraud, claimed vulnerabilities in AMD chips, Slingshot malware targeting Mikrotik routers, and Greenflash Sundown Exploit Kit delivering Hermes ransomware. Watch our webinar with the FBI on the latest ransomware threats here: https://info.digitalshadows.com/FBIRansomwareThreats-WebinarOnDemand-ShadowTalk.html

Digital Shadows’ Research team discusses record DDoS attacks using Memcached servers, disinformation campaigns, a proof of concept exploit for the Spectre vulnerability, and new details of a historical network intrusion affecting the German government.

The Digital Shadows research team provides an overview of the latest news this week, including CVE-2018-4878 that’s now being used in a spam campaign, 23,000 website certificates set to be revoked, Memecached Server Used for DDoS Reflection, and updates on SamSam and DataKeeper ransomware variants.

The Digital Shadows research team provides an overview of the latest news this week, including new SWIFT attacks, more Business Email Compromise activity, the return of extortionist “thedarkoverlord”, Sam Sam and Saturn ransomware variants, and new reporting on APT-37.

The Digital Shadows Research team provides our analysis of the fascinating Lazarus Group, attacks on the Winter Olympics opening ceremony, the problems with attribution, the theft of $170 million from the Bitgrail exchange, and two newly discovered Outlook vulnerabilities.

The Digital Shadows Research team provides our analysis of the espionage-driven campaign Operation Pzchao, an Adobe zero-day vulnerability, malware in Winter Olympics spearphishing campaign, a WordPress denial of service vulnerability, and the takedown of the notorious “Infraud Forum”.

The Digital Shadows Research team discuss how criminal actors have capitalized on the increased interest in cryptocurrencies. The podcast looks at different approaches to mining fraud, account takeover and Initial Coin Offering fraud. Download a copy of the research here: https://info.digitalshadows.com/TheNewGoldRushCryptocurrency-Podcast.html

The Digital Shadows Research team provides our analysis of the $530 million Coincheck cryptocurrency heist, recent DDoS attacks against Dutch financial services organizations, renewed OpCatalunya activity, updates on the Spectre and Meltdown flaws, and a potentially serious vulnerability affecting Cisco VPNs.

The Digital Shadows Research Team provides an update on Dridex malware, Dark Caracal, Turla, and Cozy Bear.

The Digital Shadows Research team provides an analysis of the last seven days, including an update on Spectre and Meltdown, a new MS Office vulnerability, Mirai Okiru, the targeting of Bancomext, and Triton malware targeting industrial control systems.

The Digital Shadows team discusses the highlights of the past seven days, including the crypto currency mining “CoffeeMiner”, new Turla activity, and cyber threats to the Winter Olympics.

The Digital Shadows team discusses the highlights of the past seven days, including Meltdown and Spectre, the release of Satori code, OpNetNeutrality, OpIcarus and Monero mining malware.