the grugq's newsletter

April 4, 2022

April 3rd Cybers

What’s Conti up to after their internal chat logs got leaked by a Ukrainian researcher? Making money, same as it ever was.

NCC Group Research & Technology @NCCGroupInfosec
Blog: Conti-nuation: methods and techniques observed in operations post the leaks - by Nikolaos Pantazopoulos, Alex Jessop and Simon Biggs - research.nccgroup.com/2022/03/31/con…
1:03 PM ∙ Mar 31, 2022

Wind turbine farm gets hit by, maybe, ransomware? Must be the Russian cyberwar we’ve all been waiting for.

Henrik Moltke @moltke
Nordex, another major wind turbine manufacturer hit by ‘cyber incident’ (normally meaning ransomware). Note that the release comes two days after the attack - and no mention of OT systems. I’m also noting that a lot of green energy companies were targeted lately. Coincidence? 🇷🇺
8:49 PM ∙ Apr 2, 2022

An interesting attack that exploited a mailing list to go after crypto wallet customers. What makes it interesting is that MailChimp was attacked only so that the customers of a crypto wallet could be targeted; MailChimp was just an enablement operation.

Trezor @Trezor
MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies. We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected. 1/
10:04 AM ∙ Apr 3, 2022

Good thought

Brian in Pittsburgh @arekfurt
I think I've said this before, but there is a huge practical difference (and I'll argue, a very important one) in cybersecurity between thinking about cyber actors as going after individual targets and thinking about them as going after target sets.
4:22 PM ∙ Apr 2, 2022