ShadowTalk Update – 11.19.2018


Leaked court documents surfaced this week detailing how Italian authorities tried and ultimately failed to identify and convict the vigilante hacker, Phineas Fisher, best known for the infamous breach against the Italian surveillance and technology company, Hacking Team. Dr. Richard Gold and Harrison Van Riper join Rafael Amado in this week’s edition of ShadowTalk. The team discuss the history of Phineas Fisher, the techniques used to break into the Hacking Team network, and the operational security (OPSEC) practices that allowed Phineas Fisher to remain at large.



New nation-state threat actor uses advanced TTPs to target Pakistan

A newly-observed cyber espionage threat group dubbed The White Company has reportedly been conducting an ongoing campaign called Operation Shaheen against Pakistan’s government and military entities. The campaign used complex obfuscation techniques and incorporated active antivirus detection avoidance measures. Due to the campaign’s technical complexities and apparent goals, the group is likely nation-state–sponsored, though concrete attribution is unknown at the time of writing.


Lazarus Group’s FASTCash malware operations detailed

Security researchers published new details of the TTPs employed in the Lazarus Group malware operation dubbed FASTCash. Using an unknown method, the group first compromised an application server that handles the ATM transaction process and then installed the FASTCash malware, which monitors all monetary withdrawal requests. Once installed, the malware intercepts requests from Lazarus Group operators and issues fake approval commands, distributing money at the ATM. The threat from the FASTCash campaign is assessed to be high because of the campaign’s widespread nature (the malware has affected over 30 countries to date) and the resultant direct financial loss.


Cryptojacking campaign targets Canadian university

An unidentified threat actor targeted a Canadian university in a cryptojacking attack that abused the university’s computational resources to mine Bitcoin. Xavier University disabled its entire network and reset all user passwords in response to the attack. Universities are lucrative targets for cryptojacking campaigns due to their significant computational resources and relatively low levels of cyber security maturity (when compared to other similarly sized organizations).

About Digital Shadows
Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect its brand and reputation. The Digital Shadows SearchLight™ service combines scalable data analytics with human data analysts to manage and mitigate risks of an organization’s brand exposure, VIP exposure, cyber threat, data exposure, infrastructure exposure, physical threat, and third-party risk, and create an up-to-the-minute view of an organization’s digital risk with tailored threat intelligence.
