Anomali Cyber Watch: Daxin Hides by Hijacking TCP Connections, Belarus Targets Ukraine and Poland, Paying a Ransom is Not a Guarantee, and More

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Belarus, China, Data breach, Data leak, Oil and gas, Phishing, Russia, and Ukraine. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.



Figure 1 - IOC Summary Charts. These charts summarize the attached IOCs and provide a glimpse of the threats discussed.



Trending Cyber News and Threat Intelligence




Samsung Confirms Galaxy Source Code Breach but Says no Customer Information was Stolen



(published: March 7, 2022)



South American threat actor group Lapsus$ posted snapshots and claimed it had stolen 190GB of confidential data, including source code, from the South Korean tech company Samsung. On March 7, 2022, Samsung confirmed that the company recently suffered a cyberattack, but said that it doesn't anticipate any impact on its business or customers. Earlier, in February 2022, Lapsus$ had stolen 1TB of data from GPU giant Nvidia and tried to negotiate with the company.

Analyst Comment: Companies should implement cybersecurity best practices to guard their source code and other proprietary data. Special attention should be paid to workers working from home and the security of contractors who have access to such data.

Tags: Lapsus$, South Korea, South America, Data breach





Beware of Malware Offering “Warm Greetings From Saudi Aramco”



(published: March 5, 2022)



Malwarebytes researchers discovered a new phishing campaign impersonating Saudi Aramco and targeting oil and gas companies. The attached PDF file contained an embedded Excel object which would down ..
