Cyware Weekly Threat Intelligence - October 31–04

Weekly Threat Briefing • November 4, 2022
In an effort to improve the cybersecurity capabilities of ICS, the U.S. Department of Energy has allocated a sum of $15 million to the National Rural Electric Cooperative Association (NRECA). The amount will be used to improve the detection process and deploy cyber monitoring tools. In another development, the CISA, along with the FBI and the MS-ISAC, has issued a joint advisory containing recommended procedures to reduce the likelihood and impact of DDoS attacks.
The NCSC has started a new project in an effort to boost cybersecurity at the national level. As part of the project, networked systems throughout the U.K. will be scanned at regular intervals to detect vulnerabilities. The idea is to collect data to quantify risk exposure and respond to threats as early as possible.
The U.S. Department of Energy awarded a sum of $15 million to the National Rural Electric Cooperative Association (NRECA) to help electric cooperatives expand their cybersecurity capabilities for ICS. The amount will be used to improve the detection process and deploy cyber monitoring tools.
The CISA, alongside the FBI and the MS-ISAC, issued a joint advisory to inform organizations about DDoS attacks. It also includes recommendations to reduce the likelihood and impact of such attacks.
New threat actor groups were reported this week for stealthily launching cyberattacks across the globe. One of them, tracked as OPERA1ER, has been wreaking havoc worldwide for the past three years and has stolen more than $30 million from organizations in 15 different countries. The other group, named Crimson Kingsnake, has been linked with a new BEC attack targeting well-known international law firms. Researchers also reported a jump in the sale of stolen credentials and illegal access to organizations' networks on the dark web.
Among the new threats that surfaced this week, a destructive data wiper named Azov Ransomware was observed infecting computers that were previously compromised by SmokeLoader malware. The SocGholish malware was used in a cyberespionage attack to cripple U.S. news sites. The Emotet botnet has also been spotted in the wild spamming users' email addresses.