X-Industry

The US government and several other countries have been grappling with a key question over the last year: Should ransomware payments be banned, with select waivers available for special situations?

Speaking at a Ransomware Task Force event on Friday, White House Deputy National Security Adviser Anne Neuberger said ransomware payment bans have been a topic of discussion among members of the Counter Ransomware Initiative, which she said has evolved rapidly since it was created in 2021.

According t

Activity Summary - Week Ending on 18 February 2022:

• Red Sky Alliance identified 18,841 connections from new IP’s checking in with our Sinkholes
• Ugg Boot 4 Sale
• Analysts identified 5,853 new IP addresses participating in various Botnets
• ACTINIUM/Gamaredon/DEV-0157
• Vulnerabilities in Adobe Illustrator & Photoshop
• APTs in Turkey and Colombia on the Rise
• Fake Windows 11
• 49ers Hit by BlackByte
• TA2541
• Ecommerce Sites Rigged
• Truckers and Doxxing

Link to full report: IR-22-049-001_weekly049.pdf

Summary

APT-C-36 or Blind Eagle (BE) is an APT group that is believed to originate from South America.  BE has been carrying out attacks against Colombian government institutions, to include the financial sector, petroleum industry and professional manufacturing.  BE has been active since April 2018.  Affected targets include Ecopetrol (Colombian Oil Company), Banco Agrario (State Financial Institution) and IMSA (Colombian Wheel Manufacturer).  It is possible BE is involved in recent geopolitica