Cyware Weekly Threat Intelligence - June 21–25

Weekly Threat Briefing • June 26, 2021
The Good
With a fresh cup of coffee, we would like to present to you all the good that happened in the cybersecurity world this week. The NSA is funding the development of the D3FEND framework to help cybersecurity professionals bolster their defenses. Google has launched a vulnerability interchange schema that would strengthen open-source security.
The Bad
The arrests of Cl0p ransomware gang members came as a breath of fresh air as the ransomware crisis keeps spiraling. However, the gang kept leaking sensitive information, and that has us worried. We came across a cryptojacking campaign that went on for three long years and made its operators very rich. A nuclear research institute suffered an attack by the Kimsuky threat actor. Data stolen in the attack on the City of Tulsa was released publicly by cybercriminals.
New Threats
One of the most notorious ransomware families, REvil, got an update. Three of their Tor domains have been found to date. Speaking of malware variants, the IcedID banking trojan is back in a new variant, with a shiny new downloader. The PYSA ransomware gang has arrived on the scene with a new trojan, which is targeting schools in the U.S.