The Threat Show

The Threat Show Ep. 26

This week on The Threat Show, Darien and Chris break down four interesting threats, including a ransomware group with a double extortion model, a popular point-of-sale system hit with ransomware, a 6-year-old flaw that can give Russian state-sponsored threat actors backdoor access to Cisco routers, and two Apple zero-day vulnerabilities.

Threat Landscape    (00:38)

Darien and Chris break down this week’s Threat Landscape, broadly examining the threats that emerged, started to trend, and became mainstream, as well as the threats that haven’t seen any activity in the past month.

Money Ransomware: The Latest Double Extortion Group    (02:45)

The Money Ransomware threat group has adopted a double extortion model, meaning they not only encrypt your data for ransom, but they also steal and threaten to leak the data publicly.

Payments Giant NCR Hit by Ransomware    (07:39)

The BlackCat/Alphv ransomware group has targeted the payment processor NCR, impacting the Aloha point-of-sale (PoS) system used by restaurants around the country. The group can obtain credentials to access NCR customer networks.

US, UK Agencies Warn of Nation-State Hackers Using Custom Malware on Cisco Routers    (12:00)

Russian state-sponsored threat actor APT28 leveraged a 6-year-old Simple Network Management Protocol (SNMP) flaw to deploy malware onto US and European Cisco routers. Once the malware is deployed, the group has backdoor access to the device.

Apple releases emergency updates for two known-to-be-exploited vulnerabilities    (16:00)

Apple released fixes for two known and exploited zero-day vulnerabilities. One of the vulnerabilities is triggered by installing a rogue app on your iOS or macOS device, leading to arbitrary code execution and kernel-level privileges on the device.