On November 9, 2022, Trend Micro researchers reported two campaigns they attribute to a new threat group Earth Longzhi, which they assess is a subgroup of APT41. Context Trend Micro researchers based the assessed connection between the groups on shared targets, shared Cobalt Strike metadata, code similarities, and shared tactics, techniques, and procedures (TTPs). Impact…
Read More
Vienna, VA (November 7, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released its Holiday Season Cyber Threat Trends report, which examines the threat landscape facing the retail and hospitality sector during the holiday season, typically the busiest time of year for these industries. According to the report, QakBot, Emotet, Agent…
Read More
On November 3, 2022, Sentinel Labs researchers published a report linking the Black Basta Ransomware group to FIN7 (also known as Carbanak) based on shared tactics, techniques, and procedures (TTPs) between Black Basta tools and FIN7 tools. Key Takeaways Key findings for the report include: SentinelLabs researchers describe Black Basta operational TTPs in full detail,…
Read More
On November 1, 2022, OpenSSL developers released details of two vulnerabilities: CVE-2022-3786 and CVE-2022-3602. Context In an accompanying blog post, OpenSSL explained that they downgraded the severity of the vulnerabilities to high from the originally announced critical level due to technical barriers to exploitation. No in the wild exploits or proofs of concept (POCs) are…
Read More
Key Takeaways On October 25, 2022, Cisco Talos Incident Response (CTIR) researchers published their Quarterly Report: Incident Response Trends in Q3 2022. Key findings include: Ransomware was the top threat this quarter, a slight change from last quarter where commodity trojans surpassed ransomware by a narrow margin. Several high-profile ransomware groups appeared in CTIR engagements…
Read More
