••• All important news related to new attacks and see the solutions we can offer you •••
North Korea's BeagleBoyz Robbing BanksLees het originele artikel hier
This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM). Working with U.S. government partners, CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise (IOCs) used by the North Korean government in an automated teller machine (ATM) cash-out scheme—referred to by the U.S. Government as “FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks.”
New identified malware used by the NorthKorean government in an automated teller machine (ATM) cash-out.
This mallware can be simulated and your can test if your environment is vulnerable using Cymulate BAS solution
DeathStalker APT Targets SMBs with Cyber Espionage
The hacker-for-hire group, operating since at least 2012, primarily targets financial firms.
Small and midsize businesses (SMBs) should have a new advanced persistent threat (APT) on their collective radar: DeathStalker has been targeting SMBs in the financial sector since at least 2012.
Kaspersky researchers tracking the group since 2018 report DeathStalker has targeted companies around the world.
Attackers don't seem motivated by financial gain; they don't deploy ransomware or steal payment data.
The focus is sensitive business data, which could mean DeathStalker offers hacker-for-hire services, or serves as a sort of "information broker," in financial circles.
DarkSide: New targeted ransomware demands million dollar ransoms
A new ransomware operation named DarkSide began attacking organizations earlier this month with customized attacks that have already earned them million-dollar payouts.
Starting around August 10th, 2020, the new ransomware operation began performing targeted attacks against numerous companies.
In a "press release" issued by the threat actors, they claim to be former affiliates who had made millions of dollars working with other ransomware operations.
After not finding a "product" that suited their needs, they decided to launch their own operation.
"We are a new product on the market, but that does not mean that we have no experience and we came from nowhere.
We received millions of dollars profit by partnering with other well-known cryptolockers. We created DarkSide because we didn't find the perfect product for us. Now we have it."