Cyware Weekly Threat Intelligence - April 19–23

Weekly Threat Briefing • April 23, 2021
The Good
When it comes to energy grids, cyberattackers have become an existential threat. The Department of Energy has, thus, initiated a plan to strengthen the energy sector supply chain in the country. The Justice Department also announced plans to form a dream team to dismantle ransomware operations. Cybercriminals begone!
The Bad
The attack against Quanta just got bigger with the REvil gang leaking data belonging to high-value organizations. Will Apple pay the $50 million ransom? While we are on the topic of leaked data, another threat actor was found selling almost 50GB worth of sensitive data belonging to an OTP-generating firm. The SolarWinds attack once again grabbed eyeballs as it was found to be associated with the latest Codecov breach.
New Threats
Seems like it is still open season for ProxyLogon vulnerability exploitation. The week saw quite a few new botnets, one of which has started abusing the ProxyLogon flaws to mine for cryptocurrency. Don’t be fooled by a pretty pink WhatsApp version; it’s malware! In another vein, threat actors are actively abusing a flaw in Pulse Connect Secure VPN devices. No patch is available as of now.