Threat Actors
Luna Moth: The Actors Behind The Recent False Subscription Scams
What You Need To Know:
A fresh cluster of data extortion activity that has been going on since March 2022 was just described by Sygnia in a blog post. The threat actor obtains initial access through phishing and then installs other malware.
Threat Actors
Brute Ratel C4 Red Teaming Tool Being Abused by Malicious Actors
What You Need To Know:
According to Unit 42, a new red-teaming and adversarial attack simulation tool with capabilities similar to Cobalt Strike is suspected of being abused by APT 29.
Ransomware
Ransomware Review: June 2022
What You Need To Know:
Malwarebytes Threat Intelligence Team released their analysis of ransomware leak sites for the month of June. Their analysis highlights the most active ransomware families, and what industries were targeted the most.
Ransomware
#StopRansomware: MedusaLocker
What You Need To Know:
CISA, in coordination with the FBI, the Department of the Treasury, and the Financial Crimes Enforcement Network, released a joint Cybersecurity Advisory detailing recent and historically observed tactics, techniques, and procedures and observables of MedusaLocker ransomware.
Malware
Hundreds of Windows Networks are Infected with Raspberry Robin Worm
What You Need To Know:
SOCRadar published a blog post discussing a malware report that was initially only released to Microsoft’s Defender for Endpoint subscribers. The malware acts like a worm and is installed via external media devices (such as USB flash drives) and frequently compromises QNAP NAS devices.
Malware
XFiles Stealer Campaign Abusing Follina
What You Need To Know:
Cyberint reported their recent observations of threat actors exploiting Follina to drop an information stealer on targeted devices.
Malware
BRIEF: Raccoon Stealer Version 2.0
What You Need To Know:
ZeroFox Intelligence published in a recent report that they have medium confidence that Raccoon Stealer has reemerged and that a previously unknown information stealer is actually the latest version of Raccoon Stealer.
Exploited Vulnerabilities
CISA Adds CVE-2022-26925 to its Known Exploited Vulnerabilities Catalog
What You Need To Know:
CISA has added CVE-2022-26925 to its Known Exploited Vulnerabilities Catalog. The affected software is Microsoft Windows, and the flaw is a spoofing vulnerability.
What We Mean When We Say
Estimates of Likelihood
We use probabilistic language to reflect the Intel Team’s estimates of the likelihood of developments or events because analytical judgments are not certain. Terms like “probably,” “likely,” “very likely,” and “almost certainly” denote a higher than even chance. The terms “unlikely” and “remote” imply that an event has a lower than even chance of occurring; they do not imply that it will not. Terms like “might” and “may” reflect situations where we are unable to assess the likelihood, usually because relevant information is lacking, sketchy, or fragmented. Terms like “we can’t dismiss,” “we can’t rule out,” and “we can’t discount” refer to an unlikely, improbable, or distant event with significant consequences.
Confidence in Assessments
Our assessments and projections are based on data that varies in scope, quality, and source. As a result, we assign our assessments high, moderate, or low levels of confidence, as follows:
- High confidence indicates that our decisions are based on reliable information and/or that the nature of the problem allows us to make a sound decision. However, a “high confidence” judgment is not a fact or a guarantee, and it still carries the risk of being incorrect.
- Moderate confidence denotes that the information is credible and plausible, but not of high enough quality or sufficiently corroborated to warrant a higher level of assurance.
- Low confidence indicates that the information’s credibility and/or plausibility are in doubt, that the information is too fragmented or poorly corroborated to make solid analytic inferences, or that we have serious concerns or problems with the sources.