A new cybersecurity advisory details tactics, techniques, and procedures (TTPs) used by the BianLian ransomware group, which is suspected of targeting critical infrastructure. BianLian’s methods include data exfiltration and extortion. The advisory underscores the growing threat of ransomware attacks targeting critical infrastructure and highlights the need for proactive security measures to mitigate the impact of such incidents.
A prolific hacker known as Kiberphant0m, suspected to be a U.S. Army soldier stationed in South Korea, is extorting companies that use the cloud data storage provider Snowflake. The hacker obtained stolen Snowflake account credentials and is selling data stolen from customers who refuse to pay a ransom. The stolen data includes sensitive customer information from major corporations such as AT&T, which has led to high-profile threats of data leaks involving government officials.
A sophisticated identity fraud scheme is being employed by North Korean threat actors to infiltrate global organizations and gain access to sensitive information. The attackers create fraudulent profiles, often using stolen identities, to apply for IT positions within target companies. Once hired, these malicious actors steal company trade secrets and potentially extort the companies for ransom. The scheme highlights the growing threat of sophisticated social engineering tactics used by nation-state actors and the need for robust background checks and security measures to prevent such infiltration.