Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

ValidCC Shuttered - Another one bites the dust

On January 28, 2021 the dark web community was informed that “ValidCC”, one of the leading marketplaces for compromised payment card details, was unexpectedly closing its services for good. This happened less than a month after “Joker’s Stash”, another popular dark web payment card marketplace, announced its retirement.

Turla - high sophistication Russian-nexus threat group

Believed active since 2004, if not much earlier, Turla is a high sophistication Russian-nexus threat group with espionage and intelligence gathering motivations targeting organizations worldwide. We have wrote about them in the past here. Known by many security vendor assigned names over the years including Turla Team, Uroburos and Venomous Bear, this bulletin provides an overview of Turla-attributed threats as observed over the past six months.

On Sale! Access to your Crown Jewels

Remote Desktop Protocol (RDP) is a communication protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection[1]. Once connected, the remote user will be able to communicate with the machine using their input devices, keyboard and mouse, and to have their screen displaying the output of their actions – as if they were physically connected. Simply put, gaining access to your crown jewels.

SolarLeaks

In the aftermath of the notorious SolarWinds breach, occurring in mid-December 2020, a nefarious website was observed on 12 January 2021 and, presumably linked to the threat actors involved in the original supply chain attacks, purports to offer stolen data from four victim companies for sale: Other than the above, no file listings, screenshots or detailed 'proof' have been provided although links to four encrypted archive files, one for each potential victim organization, were uploaded to the popular

Phishing for Lumens: A Stellar Stealing Campaign

With many financially-motivated threat actors targeting cryptocurrency, it comes as no surprise that users of 'Stellar', an opensource blockchain payment network, have recently been targeted in a somewhat convincing attack in an attempt to steal their holdings of Lumen (XLM), an 'altcoin' cryptocurrency.