Latest News Articles



--- TLP:WHITE ---

News

− REvil ransomware returns: New malware sample confirms gang is back

The notorious REvil ransomware operation has returned amidst rising tensions between Russia and the USA, with new infrastructure and a modified encryptor allowing for more targeted attacks.

https://www.bleepingcomputer.com/news/security/revil-ransomware-returns-new-malware-sample-confirms-gang-is-back/

− NIST Releases Updated Cybersecurity Guidance for Managing Supply Chain Risks

The National Institute of Standards and Technology (NIST) on Thursday released an updated cybersecurity guidance for managing risks in the supply chain, as it increasingly emerges as a lucrative attack vector.

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf

− State-Backed Chinese Hackers Target Russia

According to Google’s Threat Analysis Group (TAG), financially motivated actors across the globe are still using the war in Ukraine as a phishing lure for campaigns.

https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe/

− A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity

ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET.

https://www.welivesecurity.com/2022/04/27/lookback-ta410-umbrella-cyberespionage-ttps-activity/

Vulnerabilities

− Chinese "Override Panda" Hackers Resurface With New Espionage Attacks

A Chinese state-sponsored espionage group known as Override Panda has resurfaced in recent weeks with a new phishing attack with the goal of stealing sensitive information.

https://cluster25.io/2022/04/29/lotus-panda-awake-last-strike/

− Romania under cyberattack coming from Russia’s Killnet

The pro-Russian hacker group Killnet, which has already claimed several attacks that have taken place in recent days against some official sites in Romania, threatened on Saturday, April 30, that it would target almost 300 other sites.

https://www.romania-insider.com/romania-cyberattack-russia-killnet-2022

Community News

− 34th Annual FIRST Conference | "Neart Le Chéile: Strength Together"

FIRST is an international confederation of trusted computer incident response teams who cooperatively handle computer security incidents and promote incident prevention programs. The FIRST annual conference promotes worldwide coordination and cooperation among computer security and incident response teams (CSIRTs). The conference provides a forum for sharing goals, ideas, and information on how to improve computer security on a global scale. This year’s annual conference is scheduled to take place in-person with limited virtual components, June 26 through July 1, 2022 at the Convention Centre Dublin, in Dublin, Ireland.

https://www.first.org/conference/2022/

--- TLP:WHITE ---