Cybersecurity Weekly: Cobalt Strike DDoS, Patreon security team laid off, US sanctions Iran over APT activity

September 12, 2022 by Ryan Miner

Cobalt Strike servers DDoSed, a city-operated ISP knocked offline by ransomware, and Patreon lays off its security team. All this and more in this week’s edition of Cybersecurity Weekly.

1. Ransomware gang’s Cobalt Strike servers DDoSed with anti-Russia messages

Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity.

2. Ransomware attack knocked a Kentucky city-operated ISP offline before holiday

The “Bourbon Capital of the World” is still investigating an alleged ransomware attack.

3. Patreon confirms layoff of entire security team

Patreon has confirmed it has laid off employees from its security team. Emily Metcalfe, a former senior security engineer at Patreon, said in a LinkedIn post on Thursday.

4. Microsoft Teams GIFs leveraged in novel GIFShell attack

Threat actors could leverage Microsoft Teams GIFs to facilitate phishing attacks, data exfiltration, and command execution through the novel “GIFShell” attack technique.

5. US Sanctions Iran Over APT Cyberattack Activity

The Treasury Department links the MuddyWater APT and APT39 to Iran’s intelligence apparatus, which is now blocked from doing business with US entities.
