WyzGuys Tech Talk

HomeWyzGuys Tech TalkWeekend Update

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Void Balaur | The Sprawling Infrastructure of a Careless Mercenary

 TOM HEGEL  

Executive Summary

  • The cyber mercenary group known as Void Balaur continues to expand their hack-for-hire campaigns into 2022 unphased by disruptions to their online advertising personas.
  • New targets include a wide variety of industries, often with particular business or political interests tied to Russia. Void Balaur also goes after targets valuable for prepositioning or facilitating future attacks. Their targets span the United States, Russia, Ukraine, and various other countries.
  • Attacks are often very generic in theme, may appear opportunistic in nature, and account for targets making use of multi-factor authentication. The group seeks access to well-known email services (Gmail, Outlook, Yahoo), social media (Facebook, Instagram), messaging (Telegram), and corporate accounts.
  • A unique and short-lived connection links Void Balaur’s infrastructure to the Russian Federal Protective Service (FSO), a low-confidence indication of a potential customer relationship or resource sharing between the two.

More…

Ragnar Locker ransomware claims attack on Portugal’s flag airline

The Ragnar Locker ransomware gang has claimed an attack on the flag carrier of Portugal, TAP Air Portugal, disclosed …

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

September 23, 2022

A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, “America is looking for me because I have enormous information and they need it.”  More… 

Be Sociable, Share!

1
OCT
0

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.