Intelligent CISO Issue 80 | Page 25

THREAT UPDATES

RUSSIA
The FBI, CISA and Australian Cyber Security Centre have issued an alert as BianLian, a notorious Russian ransomware ring, has seemingly abandoned the ransomware playbook.
The FBI and cyberauthorities warn that the gang is now following a new trend and shifting to data exfiltration-based extortion. “They shifted primarily to exfiltration-based extortion around January 2023 and shifted to exclusively exfiltration-based extortion around January 2024,” the joint alert by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre read.
Dr. Darren Williams, CEO and Founder, BlackFog, said: “This continues to be a major trend we have seen through 2024, where 94% of all ransomware now focuses on data exfiltration. This is not a surprise given the value of intellectual property, customer and personal data.”
CENTRAL ASIA
Researchers have identified an ongoing Russia-linked cyber-espionage campaign targeting human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia and Europe using custom malware.
The attacks have been attributed to a threat actor tracked as TAG-110. According to a report by Recorded Future’s Insikt Group, this actor is likely linked to the Russian cyber-espionage group BlueDelta, also known as APT28 or Fancy Bear.
Since July of this year, Insikt Group has identified over 60 unique TAG-110 victims, primarily in Tajikistan, Kyrgyzstan, Turkmenistan, and Kazakhstan. They were infected with the group’s custom malware, including the Hatvibe loader and the Cherryspy backdoor. To deliver these tools to targeted systems, the group used malicious Microsoft Word email attachments and exploited vulnerable web-facing services, Insikt Group said.
WWW.INTELLIGENTCISO.COM