Cyware Weekly Threat Intelligence - January 10–14

Weekly Threat Briefing • January 14, 2022
Weekly Threat Briefing • January 14, 2022
The Good
Good are the days when threat actors end up making mistakes that benefit the cybersecurity landscape. In one such mistake, Patchwork APT infected itself with its own malware, leading researchers to find out details about the group and its operations. In another development, the U.S. Senate passed two cybersecurity-bills - the Supply Chain Security Training Act and the State and Local Government Cybersecurity Act.
The Bad
Attackers are still exploiting Log4j vulnerabilities in any way they can. Clarins suffered a data breach due to failure to patch the flaws on time, once again indicating how important it is to implement patches before one falls prey to cyberattacks. Cybercriminals are using social engineering tactics to take over accounts of players associated with the EA video game FIFA 22. A ransomware attack forced a prison in New Mexico to go into unplanned lockdown. The attack also resulted in the shutdown of several crucial systems, including that of the local government.
**New Threats **
The AvosLocker ransomware is making headlines, yet again, with a revamped arsenal. The ransomware now has a new module that encrypts Linux systems. So, beware! As already mentioned above, there is no respite in Log4Shell attacks as the Charming Kitten gang attempted to abuse the flaw to deploy a new modular backdoor. In other news, hackers were observed disseminating different strains of RATs by abusing public cloud infrastructure.