ShadowTalk Update – 12.10.2018


In this week’s ShadowTalk, Rick Holland and Harrison Van Riper join Michael Marriott to discuss the implications of the Marriott data breach and to look ahead to trends we might see in 2019. Specifically, we dig into ransomware and discuss what you should be considering in 2019. To read more about these trends (and more), read Harrison’s blog, ‘2019 Cyber Security Forecasts’. Alternatively, register for our upcoming webinar with the FBI.

Marriott confirms data of 500 million guests breached

The hotel chain Marriott International confirmed that a data breach by an unknown threat actor exposed approximately 500 million guests’ details. Around 367 million of the records included personally identifiable information (PII), passport numbers and financial information pertaining to guests’ accounts with Starwood, a subsidiary Marriott acquired in 2016. Because the data was sourced from Starwood and unauthorized access had reportedly occurred in 2014, this incident highlights the cyber security risks (including financial loss and reputational damage) an organization can become exposed to through mergers and acquisitions. The breach has also posed various potential political, legal and regulatory challenges for Marriott.

US government indicts SamSam ransomware author-operators

Two individuals reportedly responsible for creating, modifying and distributing the SamSam ransomware have been charged by the United States government. With their Bitcoin wallet addresses publicly attributed to SamSam activity, the individuals have been placed on the Specially Designated Nationals and Blocked Persons List; organizations paying ransomware extortion fees to their addresses risk violating United States economic sanctions. It is realistically possible that SamSam will target other geographies, and/or could set up new Bitcoin addresses that are not linked to the indicted individuals.

thedarkoverlord claims compromise of US insurance company

Extortionist thedarkoverlord has likely obtained an unidentified United States insurance company’s database. The threat actor’s associated Twitter account referred to the breach and a subsequent extortion demand. Given thedarkoverlord’s previous history of successful attacks, it is likely a credible demand. If the affected company does not pay the ransom, thedarkoverlord will likely publish any sensitive information obtained, potentially via the dark Web forum KickAss, on which the threat actor has recently become active.

Energy companies among victims of AutoCAD-based malware espionage

An industrial espionage campaign distributing malware based on the design software AutoCAD has reportedly been targeting the renewable-energy and automotive sectors, among others, since 2014. The perpetrators distributed stolen computer-aided design (CAD) files that were designed to lure victims into installing downloader malware onto their network. AutoCAD is a popular application and includes some auto-loading features, which the attackers also abused to execute malicious scripts.

About Digital Shadows
Digital Shadows is the leader in Digital Risk Protection. Digital Shadows minimizes digital risk by identifying unwanted exposure and protecting against external threats. Organizations can suffer regulatory fines, loss of intellectual property, and reputational damage when digital risk is left unmanaged. Digital Shadows SearchLight™ helps you minimize these risks by detecting data loss, securing your online brand, and reducing your attack surface. To learn more and get free access to SearchLight, visit www.digitalshadows.com.