Cyware Weekly Threat Intelligence - August 02–06

Weekly Threat Briefing • August 6, 2021
The Good
Following the REvil decryptor for Kaseya victims, the week witnessed the release of another decryptor for Prometheus ransomware victims. Such a wonderful ray of sunshine, yes? Now, vulnerabilities are out to bite malicious actors as one of their favorite tools was found to be flawed. In another camp, following the repeated cyberattacks on the nation, the U.S. has decided to join hands with tech firms to strengthen the country’s cyber defenses.
The Bad
It is 2021 and companies are still leaving their databases unsecured, and people are suffering because of such mistakes. Around 35 million U.S. residents had their personal information exposed this week. Coming to the topic of data breaches, the educational sector is still bearing the brunt of cyberattacks as a Canadian school district was breached. Scammers can be called the shameless scum of the cyberworld as they are now targeting people who are seeking unemployment insurance.
New Threats
The notorious APT31, also known as Zirconium, attacked Russia for the first time ever! It is also propagating a new RAT. The week was a hard one as various sets of vulnerabilities kept coming forth, along with their potentially devastating consequences. This includes a set of DNS vulnerabilities that can allow attackers to rip data off of corporate networks. Cannot finish this without talking about cryptostealers. Raccoon stealer got upgraded and can now exfiltrate cryptocurrency from victims.