Notable Adversarial Cyber Nations, BlackLock, Devman
Threat Content Highlights
Threat Objects & Profiles
- The Adversary Intel team maintains curated Threat Profiles containing new & recently updated threats linked to the four most notable adversarial cyber nations (Russia, China, Iran, North Korea), and we updated each of these Profiles this week:
- In recent days, multiple sources have warned of increased Iran-linked cyber activity amid renewed conflict between Israel and Iran. During previous conflicts, Iran-aligned actors have targeted infrastructure & companies associated with Israel and countries perceived to support Israel.
- We are highlighting the objects from our “Iran-Attributed Threats” Profile for our weekly “Trending & Emerging Threats” update. The profile highlights prominent Groups, a recent Campaign linked to them, and top Software used by multiple groups.
- Updates to all our monthly- & quarterly-updated Tidal-curated Threat Profiles, including: Major & Emerging Ransomware & Extortion Threats, Tidal Trending Techniques, and Sector- and Technology-focused Threat Profiles
- The Ransomware profile features two newly added threats: BlackLock (Group & Software) and Devman (Group & Software) are both newcomers to the list of “top 10” ransomware operations in terms of publicly claimed victims