Talion Threat Set Radio is your weekly cyber threat intelligence bulletin. We cut through the noise to give you our honest opinion on the threat news that matters.
Threat Bulletin #188
New zero-day “similar to ProxyLogon” used in Exchange attacks.
Brute Ratel has been cracked, and will likely replace Cobalt Strike imminently.
A new dropper unloads a dozen infections, some of which are droppers themselves.
Threat Bulletin #187
LockBit 3.0 toolkit leaked online by one or more angry developers.
15-year-old unpatched Python flaw present in over 350,000 projects.
Emotet, post-Conti, now distributes Quantum and BlackCat.
Threat Bulletin #186
Iranian group leverages BitLocker to perform encryption.
Intermittent encryption gains popularity among ransomware operators.
Bumblebee gains new post-exploitation and stealth capabilities.
Threat Bulletin #185
Twilio breach allowed attackers access to Okta single-use sign-on codes.
Raspberry Robin USB malware linked to EvilCorp via Dridex similarities.
Trend of ransomware written in more obscure languages continues with Golang-based “Agenda”.
Threat Bulletin #184
LastPass suffers breach, unknown amount of source code stolen.
APT29 and others leveraging dormant accounts to bypass MFA.
LockBit victim Entrust appears to DDoS the ransomware operation in retaliation.
Threat Bulletin #183
Electron, the backbone of Teams and Discord, has a one-click RCE vulnerability uncovered.
PoC for a 9.8 vulnerability targeting Realtek routers released online.
Callback phishing as an attack vector sees an alarming 625% spike from last quarter.