Latest News Articles

--- TLP:WHITE ---

News

− ‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts

APT group “Fancy Lazarus” has been ramping up its fraud campaign by threatening DDoS efforts in several new campaigns against US entities. The group is known for masquerading as various APT groups to distract security researchers and defraud organisations. The group is also known for not delivering on its threats.

https://threatpost.com/fancy-lazarus-cyberattackers-ransom-ddos/166811/

− Most Ransomware Victims Are Hit Again After Paying

In half of cases, victim organizations were attacked by the same group

https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business

− EU Court Leaves Facebook More Exposed to Privacy Challenges

Facebook is subject to EU privacy challenges from watchdogs in any of the bloc’s member states, not just its lead regulator in Ireland, the bloc’s top court ruled Tuesday, in a ruling that has implications for other big tech companies.

https://www.securityweek.com/eu-court-leaves-facebook-more-exposed-privacy-challenges

− Ukraine Police Arrest Cybercriminals Behind Clop Ransomware Attacks

Ukrainian law enforcement officials reported the arrest of the Clop ransomware group on Wednesday. According to a statement and videos released today, the Ukrainian Cyber Police charged six defendants with various computer crimes linked to the CLOP gang, and conducted 21 searches throughout the Kyiv region. Six defendants were charged as part of an international operation involving Ukraine's National Police and authorities from Interpol, Korea, and the United States

https://krebsonsecurity.com/2021/06/ukrainian-police-nab-six-tied-to-clop-ransomware/

− Microsoft takes down large‑scale BEC operation

The fraudsters ran their campaigns from the cloud and used phishing attacks and email forwarding rules to steal financial information

https://www.welivesecurity.com/2021/06/15/microsoft-takes-down-large-scale-bec-operation/

Vulnerabilities

− CISA Warns of Threat Posed by Ransomware to Industrial Systems

Following the devastating attack on Colonial Pipeline, the largest refined products pipeline in the United States, the Cybersecurity and Infrastructure Security Agency (CISA) released a fact sheet focusing on the threat posed by ransomware to operational technology (OT) assets and industrial control systems (ICS).

https://www.cisa.gov/sites/default/files/publications/CISA_Fact_Sheet-Rising_Ransomware_Threat_to_OT_Assets_508C.pdf

− Vulnerabilities Allow Hackers to Disrupt, Hijack Schneider PowerLogic Devices

Vulnerabilities discovered in some older Schneider Electric PowerLogic products can allow hackers to remotely take control of devices or disrupt them.

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-03

− Conti Ransomware Gang: An Overview

Conti ransomware stands out as one of the most ruthless of the dozens of ransomware gangs that we follow. The group has spent more than a year attacking organizations where IT outages can have life-threatening consequences: hospitals, 911 dispatch carriers, emergency medical services and law enforcement agencies. Ireland has yet to recover from an attack in mid-May that prompted the shutdown of the entire information technology network of the nation's healthcare system – prompting cancellation of appointments, the shutdown of X-ray systems and delays in COVID testing.

https://unit42.paloaltonetworks.com/conti-ransomware-gang/

Community News

− NCSC chief: NCSC CEO warns that ransomware is key cyber threat

The chief of the UK’s National Cyber Security Centre, Lindy Cameron CB OBE, said ransomware was the key threat facing the UK and urged the public and business to take it seriously.

https://www.ncsc.gov.uk/speech/rusi-lecture

− Cyber Ireland TI Series. 8th Session: Threat Hunting and Playbooks

The Cyber Ireland Threat Intel Group aims to build the expertise within the Cyber Ireland community to develop Threat Intelligence capabilities through the sharing of knowledge and experiences at a strategic level. Registration is at the link below.

https://us02web.zoom.us/webinar/register/1216239459105/WN_FTNbk1jWT5GJd4AHPjghSQ

--- TLP:WHITE ---