Over the last two weeks, one relevant article was “Dark Web Price Index 2022”: “As the global health crisis ground on for a second year, many of the trends in Dark Web information product prices and availability continued, too”. Written for the February 2021 to June 2022 reporting period, this guide updates the information provided in our previous report.
You can find more infosec news, such as “Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine”, “Avos ransomware group expands with new attack arsenal” and more.
For more articles, check out our #onpatrol4malware blog.
The Sliding Scale of Threat Actor Sophistication When Reacting to 0-day Vulnerabilities
Source: Team Cymru
Threat Telemetry Analysis for the Disclosure of CVE-2022-26134. Team Cymru’s S2 Research Team has highlighted why it is important for cyber defenders to address the critical window between 0-day discovery and the subsequent release of security patches. Read more.
Icefall: 56 Flaws Impact Thousands Of Exposed Industrial Devices
Source: Bleeping Computer
A security report has been published on a set of 56 vulnerabilities that are collectively called Icefall and affect operational technology (OT) equipment used in various critical infrastructure environments. Read more.
Dark Web Price Index 2022
Source: PRIVACY Affairs
As the global health crisis ground on for a second year, many of the trends in Dark Web information product prices and availability continued, too. Written for the February 2021 to June 2022 reporting period. Read more.
Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years
SentinelLabs has uncovered a cluster of activity beginning at least as far back as 2013 and continuing to the present day, primarily targeting organizations in Southeast Asia and Australia. Read more.
Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine
Source: Malwarebytes LABS
In a recent campaign, APT28, an advanced persistent threat actor linked with Russian intelligence, set its sights on Ukraine, targeting users with malware that steals credentials stored in browsers. Read more.
RIG Exploit Kit Swaps Dead Raccoon with Dridex
In January 2022, the Cyber Threat Intelligence Lab started tracking a RIG Exploit Kit campaign pushing Raccoon Stealer – a credential-stealing Trojan advertised and sold on underground forums as malware-as-a-service for $200 a month. Read more.
Avos ransomware group expands with new attack arsenal
Source: Cisco TALOS
Avos is a ransomware group, first identified in 2021, initially targeting Windows machines. More recently, a new ransomware variant of AvosLocker, named after the group, is also targeting Linux environments. Read more.