CYBER NEWS UPDATE #60

This podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes.

The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.

Lately, it seems more and more organizations refuse to pay ransomware attacks, as a result, there is an increasing amount of stolen data offered for sale on the internet.

A US-based auto parts distributor has sensitive data leaked by cybercriminals After refusing to pay ransom.

A 3GB archive that purportedly belongs to NameSouth, a US-based auto parts shop, has been publicly leaked by the NetWalker ransomware group.

The NameSouth archive leaked by NetWalker includes confidential company data and sensitive documents, including financial and accounting data, credit card statements, personally identifiable employee information, and various legal documents.

The NetWalker ransomware gang tends to offer post-breach data leaks for free, and only put a price tag on them after the data has been downloaded a certain number of times. So far, the NameSouth archive is still freely available, which might indicate that the data has been accessed by a relatively small number of users.

With that said, there is a high chance that sooner or later, the confidential company data may be used by bad actors for malicious purposes.

For organizations that wish to avoid becoming victims of ransomware groups like NetWalker, here are a few basic precautions to have in mind:

  • Establish an intelligent threat detection system.
  • Establish proactive layers based on cyber intelligence and deception
  • Use a salted secure encryption algorithm to encrypt your confidential data. When encrypted, your company data would be all but useless to attackers. 


A wave of attacks against companies in Colombia uses a trio of Remote Access Trojans (RATs) to steal confidential, sensitive data.

ESET an antivirus company said in a blog post that lately government and private entities in Colombia are being exclusively targeted by the threat actors, who seem to have a particular interest in the energy and metallurgical industries. 

To begin the infection chain against a target entity, the threat actors use a traditional method: phishing emails. The subjects of these fraudulent messages range from demands to attend court hearings to bank account freeze warnings and notifications to take a mandatory COVID-19 test. 

Each email has a PDF file attached, If the victim downloads the package, located on hosting services an executable file within triggers malware. 

The malware tries to install no less than 3 different remote access tools that are available for sale by other hackers, in this attack the hackers didn’t try to develop their own tools but decided to buy readymade tools to control the remote attackers.

It is un clear who is behind this attack but since there is a big and dynamic environment that is constantly changing behind the attack it is most probably a nation state campaign. 

Many countries prefer to use cyber attacks un order to undermine regimes around the world and in order to cause chaos instead of 


That’s it for this podcast, stay safe and see you in the next podcast.

Don’t forget to visit www.nucleoncyber.com for the latest podcasts on cyber intelligence.

댓글 남기기