On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss several new blogs that the Symantec Threat Hunter Team has published recently. Firstly, we uncovered a new ransomware threat that we dubbed Yanluowang, which appears to be deployed in a targeted fashion and is certainly a new threat as various indications point towards it still being in development. We also published two blogs detailing two separate campaigns targeting organizations in Asia. The Harvester group is a previously unknown, likely nation-state backed group targeting victims in South Asia, while elsewhere a new espionage campaign is targeting the defense, healthcare, and ICT sectors in South East Asia. Meanwhile, we also discuss new activity from a targeted attack group dubbed LightBasin, and the return of the Lyceum group.
On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss how the UK and the U.S. are planning to increase their efforts to tackle cyber crime, ransomware being blamed in court for the death of a baby, and the arrests of some ransomware criminals in Ukraine. Also, the Conti ransomware gang makes some threats, evidence of the Pegasus spyware allegedly found on the phones of French cabinet ministers, and an interesting targeted phishing campaign.
We are back for Season 4 after our summer break, and on this week’s Cyber Security Brief podcast Dick O’Brien and Brigid O Gorman spend a lot of time discussing the subject that also dominated the last season of the podcast - ransomware. We discuss some of the ransomware stories we missed while we were off air, as well as a ransomware whitepaper we recently worked on and made available to our customers. Apart from ransomware, we also discuss Mēris - a huge botnet that emerged over the summer and has aimed massive DDoS attacks at various organizations around the world.
On this week’s Cyber Security Brief, we discuss some recent ransomware stories, as well as giving a sneak peek into some research we have been doing into ransomware. We also talk about recent announcements from U.S. authorities that attributed some recent cyber attacks, including the Microsoft Exchange Server campaign, to Chinese actors, and we also discuss the rising cost of data breaches. This is the last podcast of season 3, we will be taking a short break and will return with new episodes in September.
On this week’s Cyber Security Brief, Gavin O’Gorman joins us to discuss the Kaseya ransomware supply chain attack that occurred over the July 4 holiday weekend in the U.S. The REvil/Sodinokibi ransomware gang were behind this attack, and Gavin and Dick O’Brien discuss whether this is a sign that we now need to be aware of ransomware actors targeting victims through supply chain attacks, which would more traditionally be associated with state-sponsored hackers, as well as some of the other interesting aspects of this attack. Meanwhile, Brigid O Gorman discusses the latest news of a new vulnerability in SolarWinds software being exploited by a Chinese hacking group, energy companies being targeted in a year-long espionage campaign, and the rising cost of cyber insurance.