Radware Threat Researchers Live - ep.10 - Emotet, FluBot, Ransomware, SLOWPULSE, Moserpass, Codecov



Every last Thursday of the month the Radware Threat Researchers go live at 4pm CET.

In this episode:
0:00 Intro
3:13 Emotet clean-up
7:48 FluBot, the Smishing Android banking Trojan
14:00 Ransomware TTPs
28:51 SLOWPULSE, CVE-2021-22893
45:01 You've been Rickrolled!
48:32 Moserpass - clickstudio Supply-Chain Attack
54:33 Codecov - DevOps Supply-Chain Attack
57:20 Linux bans University of Minnesota
1:05:34 Outro

Looking for presentations and resources from past episodes: https://discover.radware.com/l/threat-intelligence
Want to binge-watch all our episodes: https://www.youtube.com/playlist?list=PLpQk88W8mWuUdno4qcR3LWSQ7YB8T_JUy

Looking forward to seeing you on the next live!
Pascal and Daniel.

--
Resources for this episode:

Emotet clean-up
https://twitter.com/milkr3am/status/1354459859912192002?s=20
https://portswigger.net/daily-swig/emotet-clean-up-security-pros-draw-lessons-from-botnet-menace-as-kill-switch-is-activated
https://blog.malwarebytes.com/threat-analysis/2021/01/cleaning-up-after-emotet-the-law-enforcement-file/
https://www.justice.gov/opa/pr/emotet-botnet-disrupted-international-cyber-operation

FluBot
https://raw.githubusercontent.com/prodaft/malware-ioc/master/FluBot/FluBot.pdf
https://medium.com/csis-techblog/the-brief-glory-of-cabassous-flubot-a-private-android-banking-botnet-bc2ed7917027
https://therecord.media/despite-arrests-in-spain-flubot-operations-explode-across-europe-and-japan/
https://www.bsi.bund.de/DE/Service-Navi/Presse/Alle-Meldungen-News/Meldungen/Smishing_SMS-Phishing_090421.html
https://www.ncsc.gov.uk/guidance/flubot-guidance-for-text-message-scam
https://www.uspis.gov/news/scam-article/smishing
https://www.consumer.ftc.gov/blog/2014/12/package-delivery-scam-delivered-your-inbox?page=9

SLOWPULSE
https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784
https://github.com/ZephrFish/CVE-2021-22893

Moserpass
https://www.clickstudios.com.au/advisories/Incident_Management_Advisory-01-20210424.pdf
https://www.csis.dk/newsroom-blog-overview/2021/moserpass-supply-chain/

Codecov
https://www.bleepingcomputer.com/news/security/popular-codecov-code-coverage-tool-hacked-to-steal-dev-credentials/
https://www.bleepingcomputer.com/news/security/hundreds-of-networks-reportedly-hacked-in-codecov-supply-chain-attack/

Linux bans University of Minnesota for committing malicious code
https://www.bleepingcomputer.com/news/security/linux-bans-university-of-minnesota-for-committing-malicious-code/

