This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Subscribe

Social Media Links

| 1 minute read

Ankura Cyber Threat Intelligence Bulletin (November 2021)

Over the past thirty days, the Ankura Cybersecurity team has worked with clients to solve cybersecurity challenges involving recent cyber mercenary threat activity, coordinated government crackdowns on ransomware operations and affiliates, and a new open-source fuzz-testing Google tool that will allow developers, administrators, and security personnel to find vulnerable software bugs more efficiently.

Void Balaur: A Cyber Mercenary Case Study

Trend Micro unveiled research on threat actor Void Balaur, a long-running cyber mercenary group of likely Russian origin. The group appears to be connected to social engineering and hacking attacks against high-profile targets, financially motivated attacks across several sectors, and trafficking sensitive information from Russian databases.

GoldDust Arrests Individuals Tied to Ransomware

Law enforcement agencies from several countries combined their intelligence efforts to form a joint investigation team named “GoldDust” to combat ransomware and track down hackers belonging to the infamous group REvil. Recently, U.S. law enforcement arrested individuals involved with REvil and GandCrab as a result of this effort.

U.S. Sanctions Ransomware-Affiliated Crypto Exchanges

In an effort to combat ransomware threats, the Biden administration has started issuing sanctions intended to stop businesses in the U.S. from being able to trade or financially transact with a country or organization, essentially breaking the flow of capital to the criminal organizations behind the ransomware groups.

Google Unveils New Fuzz-Testing Tool

Fuzzing is an essential tool threat actors use to flood a victim application with junk data to find an exploitable bug. Google’s new open-source tool Clusterfuzzlite integrates fuzz-testing into the software development workflow, allowing software developers to quickly and efficiently catch bugs that would slip through most manual checks and review pre-release.

Read more by downloading our full November Cyber Threat Intelligence Bulletin below.

© Copyright 2021. The views expressed herein are those of the author(s) and not necessarily the views of Ankura Consulting Group, LLC., its management, its subsidiaries, its affiliates, or its other professionals. Ankura is not a law firm and cannot provide legal advice.

Tags

cybersecurity & data privacy, cyber response, data privacy & cyber risk, f-risk, report

Let’s Connect

We solve problems by operating as one firm to deliver for our clients. Where others advise, we solve. Where others consult, we partner.

I’m interested in

I need help with