104 Results
Posted:

BadUSB attacks, a new backdoor, and how one APT group managed to infect itself with malware

Welcome to the first Cyber Security Brief of 2022! In this week’s podcast, Dick O’Brien and Brigid O Gorman chat about some of the biggest news stories of the last couple of weeks. The topics up for discussion in this episode include: FIN7 BadUSB attacks return, an interesting new multi-platform backdoor, and the latest way attackers are attempting to abuse Google Docs. Also, a jump in the number of extortion DDoS attacks, how payments to suspicious cryptocurrency wallets have exploded in recent months, corruption of open source libraries as a form of protest, and how one APT group managed to infect itself with its own malware.

Download
Posted:

Log4j vulnerabilities, likely Iran-backed attacks on telecoms companies, and new Rust-based Noberus ransomware

On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec Threat Analyst Alan Neville to discuss the vulnerabilities in Apache Log4j that made lots of headlines this week. We also discuss two other blogs that Symantec published this week, including one looking at an attack campaign aimed at telecoms companies in the Middle East and Asia that appears likely to have originated from Iran-based attackers. Meanwhile, we also talk about a blog we published covering details about a new Rust-based malware we have dubbed Noberus (ALPHV/BlackCat). This is our last Cyber Security Brief podcast of 2021, we will be back on January 13.

Download
Posted:

Yanluowang ransomware update, possible Conti link to Emotet, and the importance of strong passwords

On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the latest Symantec blog, some updated research about the Yanluowang ransomware gang, with fresh activity appearing to show that this ransomware isn’t a flash-in-the-pan. We also discuss how quickly exposed cloud services are compromised by malicious actors, how off-putting strong passwords are for attackers employing brute-forcing techniques, and apparent attempts by Russian hackers to collaborate with Chinese-speaking actors. Also, the Conti gang’s possible role in the return of Emotet, and North Korean actors continue to target security researchers with fake job offers.

Download
Posted:

Attacks on critical infrastructure, ransomware arrests, and the return of Emotet?

On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some recent attack campaigns aimed at critical infrastructure organizations in several countries around the world, the possible return of the Emotet botnet, and some law enforcement activity that has led to the arrest of people involved with both the REvil and Gandcrab ransomware. We also discuss some new techniques being used by the BazarLoader gang, and an FBI system being compromised and used to send out fake information security alerts.

Download
Posted:

BlackMatter updates, lots of law enforcement activity, and new SquirrelWaffle malware is one to watch

On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of our recent blogs, including at least one BlackMatter ransomware affiliate using a new data exfiltration tool in attacks, and also the breaking news that the BlackMatter ransomware operation is apparently winding down. We also discuss another recent blog we published about banking Trojan activity in Latin America, while recent law enforcement activity cracking down on ransomware criminals is also up for discussion. Elsewhere, we also talk about SquirrelWaffle, a reasonably new malware that is used as a loader and has been mentioned as a potential successor to the notorious Emotet for the delivery of threats.

Download
View More