The Blacksite Weekly Intelligence Report

Thursday Edition

 Chinese “Mustang Panda” Hacker Group Uses New Espionage Tactics

The China-based threat actor known as Mustang Panda has been observed refining and retooling its tactics and malware to strike entities located in Asia, the European Union, Russia, and the U.S. The group is known to have targeted a wide range of organizations since at least 2012, with the actor primarily relying on email-based social engineering to gain initial access to PlugX, a backdoor predominantly deployed for long-term access. The group has also deployed reverse shells, Meterpreter-based shellcode, and Cobalt Strike.

More information:

$15 Million Dollars Reward Offered for Conti Ransomware Gang Information

The US Department of State is offering up to $15 million for information that helps identify and locate leadership and co-conspirators of the infamous Conti ransomware gang. Up to $10 million of this reward are offered for info on Conti leaders’ identity and location, and an additional $5 million for leading to the arrest and/or convictions of individuals who conspired or attempted to participate in Conti attacks. Conti is a Ransomware-as-a-Service (RaaS) operation linked to the Russian-speaking Wizard Spider cybercrime group.

More information:

Google Pauses Paid App Downloads and Updates in Russia

Google is now blocking Russian users and developers from downloading or updating paid applications from the Google Play Store starting May 5, 2022. Developers can still publish and update free apps, with users still allowed to download them from the store. Google first paused its Google Play billing system in Russia on March 10 due to sanctions, preventing them from buying apps and games, paying for subscriptions or any in-app purchases. On March 23, Russia banned Alphabet’s news aggregator service Google News for providing access to “unreliable information” regarding the ongoing war in Ukraine.

More information:

Europe is Bracing itself for Cyber Warfare

Cybersecurity is now a top-tier item on the EU’s political agenda, says Professor Tim Stevens. The EU is developing a ‘cyber diplomatic actor’ to tackle cyber threats. Estonia was the target of a massive cyberattack in 2007, which brought down government sites, banks, and the media. In January, Brussels ran cyber war games featuring a fictitious Finnish energy company to test the resilience and preparedness of cybersecurity in Europe, part of a planned six-week exercise. EU passed a directive in December 2020 that required companies to address cybersecurity risks in their supply chains.

More information:

 How Blacksite ZTNA Can Help Protect Your Business Against Cyber Threats

 The first step in protecting your company against cyber threats is to make sure you have a solid cybersecurity plan. A cybersecurity plan helps you make sure that your company has the proper safeguards in place to protect your business. Expert security company Blacksite can help you with all your cybersecurity needs. At Blacksite we can help your company develop a cybersecurity plan that is tailored to your business needs. Blacksite implements the latest ZTNA technology to keep your business apps, data, and services safe from prying eyes and potential cybersecurity threats that you might experience in the future. Blacksite specializes in providing cybersecurity solutions in data protection, risk management, encryption, cyber security strategy, and cyber security education at an affordable price to accommodate your business whether it’s a small family owned to that of the size of a fortune 500.

More information:

Please contact us and we’ll be glad to assist you.

Become invisible, become secure.