Wednesday, February 24, 2021
Primarius Group
FireEye Links Accellion Attacks to FIN11

1 day ago


A string of attacks exploiting a legacy file transfer product has been linked to the well-known financial cybercrime gang FIN11.

The attacks on the New Zealand Central Bank, Singtel, Kroger and many more exploited a number of zero-day vulnerabilities in Accellion’s FTA product and are being tracked by FireEye as UNC2546.

“The motivation of UNC2546 was not instantly obvious, but beginning in late January 2021, a number of organizations that had been impacted by UNC2546 within the prior month started receiving extortion emails from actors threatening to publish stolen data on the ‘CL0P^_- LEAKS’ .onion website,” the vendor explained.

“Some of the published victim data seems to have been stolen using the DEWMODE web shell.”

FireEye said that the FIN11 gang has previously published stolen victim data from CLOP ransomware attacks on the same .onion site, in double-dip extortion campaigns. Though there was no ransomware in the Accellion attacks, investigators found other links with the group.

It said many of the organizations compromised by UNC2546 had previously been targeted by FIN11, and that an IP address that communicated with a DEWMODE web shell was in the “Fortunix Networks L.P.” netblock. This is a network frequently used by FIN11 to host download and FRIENDSPEAK command and control (C2) domains, FireEye claimed.

The vendor is tracking the extortion activity related to the Accellion attacks as UNC2582 and said it found even more overlaps between this and FIN11, including emails sent from the same IP addresses as FIN11 phishing campaigns.

In an update yesterday, Accellion itself revealed that “fewer than 100” of the 300 company customers of FTA had been affected by the campaign, and “fewer than 25 seem to have suffered significant data theft.”
