Intelligent CISO Issue 67 | Page 24

threat updates

1

VIETNAM
WithSecure researchers have tracked attacks using DarkGate malware to an active cluster of cybercriminals operating out of Vietnam .
DarkGate is a Remote Access Trojan ( RAT ) that has been used in attacks since at least 2018 and is currently available to cybercriminals as Malware-as-a-Service ( MaaS ). It has a diverse user base and a variety of capabilities . It has been observed in information stealing , cryptojacking and ransomware campaigns .
WithSecure researchers began their investigation into DarkGate after detecting multiple infection attempts against organisations in the UK , US and India .

2

UK
Based on non-technical indicators , such as lure files , themes , targeting and delivery methods , researchers were able to tie these attempted attacks back to the same threat actors using the Ducktail infostealer that WithSecure researchers have been tracking for approximately the last year and a half .
The British Library has experienced ‘ a major technology outage as a result of a cyber incident ’, according to its X ( Twitter ) account . The organisation said in a statement that it is investigating the incident , which has affected its website and online systems , with NCSC and other specialists .
24 www . intelligentciso . com