Recent criminal activity–it’s as opportunistic as ever. Cyber risk to the pharma sector. Updates on the hybrid war. Returning Cobalt Strike to the legitimate red teams.
Daixin Team claims ransomware attack against AirAsia. DraftKings users suffer credential harvesting and paycard theft. Assessing cyber risk in the US pharmaceutical industry. Killnet claims successes few others can discern. In Ukraine, kinetic attacks on IT infrastructure eclipse cyberattacks. Carole Theriault on digital echo chambers and what's in it for us. Nancy Wang from Forta's Alert Logic discusses how she is helping more young women get into the STEM field and leadership positions. Google seeks to render Cobalt Strike less useful to threat actors.
DraftKings Users Hacked, Money In Account "Cashed Out" (Action Network)
Killnet DDoS hacktivists target Royal Family and others (ComputerWeekly.com)
Making Cobalt Strike harder for threat actors to abuse (Google Cloud Blog)
Google seeks to make Cobalt Strike useless to attackers (Help Net Security)
Google Releases YARA Rules to Disrupt Cobalt Strike Abuse (Dark Reading)
Google releases 165 YARA rules to detect Cobalt Strike attacks (BleepingComputer)