‹ All episodes

The Cybersecurity Defenders Podcast

#68 - Intel Chat: Bumbebee, LockBit Gang, LUC-3, HTTPSnoop, DeadGlyph & Stately Taurus + Alloy Taurus + Gelsemium

September 28, 2023 LimaCharlie
The Cybersecurity Defenders Podcast
#68 - Intel Chat: Bumbebee, LockBit Gang, LUC-3, HTTPSnoop, DeadGlyph & Stately Taurus + Alloy Taurus + Gelsemium
Info
The Cybersecurity Defenders Podcast
#68 - Intel Chat: Bumbebee, LockBit Gang, LUC-3, HTTPSnoop, DeadGlyph & Stately Taurus + Alloy Taurus + Gelsemium
Sep 28, 2023
LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel

  • Intel471 are reporting on a campaign utilizing Bumblebee, a type of a loader that has increasingly been used by threat actors affiliated with ransomware.
  • ESentire are reporting on several attacks conducted by the Russia-linked LockBit Gang.
  • Permiso reporting on LUC-3 who overlaps with Scattered Spider.
  • Cisco Talos has discovered a new malware family they have dubbed HTTPSnoop being deployed against telecommunication providers in the Middle East.  
  • WeLiveSecurity have stumbled upon a previously unknown backdoor being deployed in the Middle East that they have named DeadGlyph
  • Unit42 have started investigating a series of espionage attacks targeting a government in Southeast Asia.

LimaCharlie's Office Hours, where we break down some TTPs in-depth, take place every Friday at 9.00 AM PT / 12.00 PM ET. You can find more information here: limacharlie.io/office-hours

The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.


Share
Apple Podcasts Spotify Amazon Music Podcast Index Overcast iHeartRadio +
Show Notes

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel

  • Intel471 are reporting on a campaign utilizing Bumblebee, a type of a loader that has increasingly been used by threat actors affiliated with ransomware.
  • ESentire are reporting on several attacks conducted by the Russia-linked LockBit Gang.
  • Permiso reporting on LUC-3 who overlaps with Scattered Spider.
  • Cisco Talos has discovered a new malware family they have dubbed HTTPSnoop being deployed against telecommunication providers in the Middle East.  
  • WeLiveSecurity have stumbled upon a previously unknown backdoor being deployed in the Middle East that they have named DeadGlyph
  • Unit42 have started investigating a series of espionage attacks targeting a government in Southeast Asia.

LimaCharlie's Office Hours, where we break down some TTPs in-depth, take place every Friday at 9.00 AM PT / 12.00 PM ET. You can find more information here: limacharlie.io/office-hours

The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.