CyberSecurity updates
Updated: 2024-12-04 13:07:16 Pacific

Daryna Olyniychuk @ SOC Prime Blog
BianLian Ransomware Attacks Critical Infrastructure - 9d

A new cybersecurity advisory details tactics, techniques, and procedures (TTPs) used by the BianLian ransomware group, which is suspected of targeting critical infrastructure. BianLian’s methods include data exfiltration and extortion. The advisory underscores the growing threat of ransomware attacks targeting critical infrastructure and highlights the need for proactive security measures to mitigate the impact of such incidents.

Over Security
Snowflake Data Breach and Extortion by Kiberphant0m - 7d

A prolific hacker known as Kiberphant0m, suspected to be a U.S. Army soldier stationed in South Korea, is extorting companies that use the cloud data storage company Snowflake. The hacker obtained stolen Snowflake account credentials and is selling data stolen from customers who refuse to pay a ransom. The stolen data includes sensitive customer information from major corporations such as AT&T, which has led to high-profile threats of data leaks involving government officials.

djohnson @ Cybercrime Archives
North Korean Fake IT Worker Scheme Targets Global Organizations with Sophisticated Identity Fraud - 16d

A sophisticated identity fraud scheme is being employed by North Korean threat actors to infiltrate global organizations and gain access to sensitive information. The attackers create fraudulent profiles, often using stolen identities, to apply for IT positions within target companies. Once hired, these malicious actors steal company trade secrets and potentially extort the companies for ransom. The scheme highlights the growing threat of sophisticated social engineering tactics used by nation-state actors and the need for robust background checks and security measures to prevent such infiltration.


This site is an experimental news aggregator using feeds I personally follow. You can provide me with feedback using this form or using Bluesky.