Cyware Weekly Threat Intelligence - July 12–16

Weekly Threat Briefing • July 16, 2021
Weekly Threat Briefing • July 16, 2021
The Good
Collective action against persistent threat actors by law enforcement and government agencies always gets us super recharged. A Eurojust operation busted a $2.4 million online phishing scam. In the spirit of boosting defensive measures against ransomware threats, the U.S. set up a resource hub for victims to mitigate attacks. Now there’s another piece of positive news. The REvil ransomware gang has suddenly disappeared from the dark web. What’s going on?
The Bad
As if previous LinkedIn data leaks were not bad enough, now the data of 600 million profiles were once again dumped on a hacker forum. An APT group, reportedly affiliated with Mustang Panda, was discovered conducting a massive attack campaign in Southeast Asia. The week also witnessed escalating ransomware threats targeting SonicWall customers.
New Threats
The notorious Trickbot is back. It got a new attack infrastructure that is capable of gathering intelligence in stealth mode. It seems that Magecart hackers can’t take a breath as they are so busy terrorizing businesses. Researchers found the Mespinoza ransomware gang acting smug and calling its victims ‘business partners’. Talk about turning criminal activities into professional enterprise!