ShadowTalk Update – 12.10.2018


In this week’s ShadowTalk, Rick Holland and Harrison Van Riper join Michael Marriott to discuss the implications of the Marriott data breach, as well as a look forward to trends we might see in 2019. Specifically, we dig into ransomware and discuss what you should be considering in 2019. To read more about these trends (and more) read Harrison’s blog, ‘2019 Cyber Security Forecasts’. Alternatively, register for our upcoming webinar with the FBI.



Marriott confirms data of 500 million guests breached

The hotel chain Marriott International confirmed that a data breach by an unknown threat actor exposed approximately 500 million guests’ details. Around 367 million of the records included personally identifiable information (PII), passport numbers and financial information pertaining to guests’ accounts with Starwood, a subsidiary Marriott acquired in 2016. Because the data was sourced from Starwood and unauthorized access had reportedly occurred in 2014, this incident highlights the cyber security risks (including financial loss and reputational damage) an organization can become exposed to through mergers and acquisitions. The breach has also posed various potential political, legal and regulatory challenges for Marriott.

US government indicts SamSam ransomware author-operators

Two individuals reportedly responsible for creating, modifying and distributing the SamSam ransomware have been charged by the United States government. With their Bitcoin wallet addresses publicly attributed to SamSam activity, the individuals have been placed on the Specially Designated Nationals and Blocked Persons List; organizations paying ransomware extortion fees to their addresses risk violating United States economic sanctions. It is realistically possible that SamSam will target other geographies, and/or could set up new Bitcoin addresses that are not linked to the indicted individuals.

thedarkoverlord claims compromise of US insurance company

Extortionist thedarkoverlord has likely obtained an unidentified United States insurance company’s database. The threat actor’s associated Twitter account referred to the breach and a subsequent extortion demand. Given thedarkoverlord’s previous history of successful attacks, it is likely a credible demand. If the affected company does not pay the ransom, thedarkoverlord will likely publish any sensitive information obtained, potentially via the dark Web forum KickAss, on which the threat actor has recently become active.

Energy companies among victims of AutoCAD-based malware espionage

An industrial espionage campaign distributing malware based on the design software AutoCAD has reportedly been targeting the renewable-energy and automotive sectors, among others, since 2014. The perpetrators distributed stolen computer-aided design (CAD) files that were designed to lure victims into installing downloader malware onto their network. AutoCAD is a popular application and includes some auto-loading features, which the attackers also abused to execute malicious scripts.

About Digital Shadows
Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect its brand and reputation. The Digital Shadows SearchLight™ service combines scalable data analytics with human data analysts to manage and mitigate risks of an organization’s brand exposure, VIP exposure, cyber threat, data exposure, infrastructure exposure, physical threat, and third-party risk, and create an up-to-the-minute view of an organization’s digital risk with tailored threat intelligence.
