ShadowTalk Update – 11.19.2018


Leaked court documents surfaced this week detailing how Italian authorities tried and ultimately failed to identify and convict the vigilante hacker, Phineas Fisher, best known for the infamous breach against the Italian surveillance and technology company, Hacking Team. Dr. Richard Gold and Harrison Van Riper join Rafael Amado in this week’s edition of ShadowTalk. The team discuss the history of Phineas Fisher, the techniques used to break into the Hacking Team network, and the operational security (OPSEC) practices that allowed Phineas Fisher to remain at large.



New nation-state threat actor uses advanced TTPs to target Pakistan

A newly-observed cyber espionage threat group dubbed The White Company has reportedly been conducting an ongoing campaign called Operation Shaheen against Pakistan’s government and military entities. The campaign used complex obfuscation techniques and incorporated active antivirus detection avoidance measures. Due to the campaign’s technical complexities and apparent goals, the group is likely nation-state–sponsored, though concrete attribution is unknown at the time of writing.


Lazarus Group’s FASTCash malware operations detailed

Security researchers published new details of the TTPs employed in the Lazarus Group malware operation dubbed FASTCash. Using an unknown method, the group first compromised an application server that handles the ATM transaction process and then installed the FASTCash malware, which monitors all monetary withdrawal requests. Once installed, the malware intercepts requests from Lazarus Group operators and issues fake approval commands, distributing money at the ATM. The threat from the FASTCash campaign is assessed to be high because of the campaign’s widespread nature (the malware has affected over 30 countries to date) and the resultant direct financial loss.


Cryptojacking campaign targets Canadian university

An unidentified threat actor targeted a Canadian university in a cryptojacking attack that abused the university’s computational resources to mine Bitcoin. Xavier University disabled its entire network and reset all user passwords in response to the attack. Universities are lucrative targets for cryptojacking campaigns due to their significant computational resources and relatively low levels of cyber security maturity (when compared to other similarly sized organizations).

About Digital Shadows
Digital Shadows is the leader in Digital Risk Protection. Digital Shadows minimizes digital risk by identifying unwanted exposure and protecting against external threats. Organizations can suffer regulatory fines, loss of intellectual property, and reputational damage when digital risk is left unmanaged. Digital Shadows SearchLight™ helps you minimize these risks by detecting data loss, securing your online brand, and reducing your attack surface. To learn more and get free access to SearchLight, visit