threat updates
US
The Texas Department of Information Resources (DIR)
announced a ransomware attack against more than 20
entities across Texas, the majority of which were smaller
local governments.
In a statement, the DIR stated that evidence gathered
indicated the attacks came from one single threat actor.
However, at the time of going to press, investigations were
ongoing, with response and recovery a priority. It appears
all entities that were actually or potentially impacted have
been identified and notified, with 22 entities having been
confirmed as impacted.
Responders were working with these entities to bring their
systems back online. The State of Texas systems and
networks were not impacted.
GLOBAL
Cloud Atlas, an advanced persistent threat (APT), also known
as Inception, has updated its attack arsenal with new tools
which allow it to avoid detection through standard Indicators of
Compromise. This updated infection chain has been spotted
in the wild in different organisations in Eastern Europe, Central
Asia and Russia.
Cloud Atlas is a threat actor that has a long history of cyber-
espionage operations targeting industries, government agencies
and other entities. It was first identified in 2014 and has been
active ever since.
Recently, Kaspersky researchers have seen Cloud Atlas
targeting the international economics and aerospace industries
as well as governmental and religious organizations in Portugal,
Romania, Turkey, Ukraine, Russia, Turkmenistan, Afghanistan
and Kyrgyzstan among other countries.
24
Issue 17
|
www.intelligentciso.com