Vaccine scheduling site hit with ransomware. Cyberespionage hits Southeast Asian telcos. RATs in the wild. BlackMatter speaks?

T-Mobile is warning that a data breach has exposed the names, dates of birth, Social Security numbers and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company.


Attacks, Threats, and Vulnerabilities

Five Southeast Asian telcos hacked by three different Chinese espionage groups (The Record by Recorded Future) At least five major telecommunication providers from Southeast Asia have been hacked over the past years by different Chinese cyber-espionage groups.

Hackers Take Down Italian Vaccine-Booking Site (Wall Street Journal) A cyberattack took down an Italian region’s vaccine-scheduling website, highlighting hackers’ ability to topple Covid-19 infrastructure.

Hackers block Italian Covid-19 vaccination booking system in ‘most serious cyberattack ever’ (CNN) Hackers have attacked and blocked an Italian Covid-19 vaccination booking system, a source from Italy’s cybercrime police told CNN on Monday, marking the worst cyberattack the country’s health service has ever seen.

New sophisticated RAT in town: FatalRat analysis (AT&T Alien Labs) This blog was written by Ofer Caspi and Javi Ruiz.

Summary

AT&T Alien Labs™ has recently observed the presence of a new remote access trojan (RAT) malware in its threat analysis systems. The malware, known as FatalRAT, appears to be distributed via forums and Telegram channels, hidden in download links that attempt to lure the user via software or media articles.

Key takeaways:

AT&T Alien Labs performed a malware analysis of the FatalRAT threat.
We have observed a

Suspected Chinese hackers took advantage of Microsoft Exchange vulnerability to steal call records (CyberScoop) Hackers with ties to China took advantage of vulnerabilities in Microsoft Exchange for several months starting in late 2020 to steal call logs from a Southeast Asia telecommunication company, researchers at Cybereason report. […]

An interview with BlackMatter: A new ransomware group that’s learning from the mistakes of DarkSide and REvil (The Record by Recorded Future) A representative of the BlackMatter group talked to Recorded Future expert threat intelligence analyst Dmitry Smilyanets.

Inside a Ransomware Negotiation: This Is How ‘Asshole’ Russian Hackers Shake Down Companies (The Daily Beast) The Daily Beast obtained transcripts of a victim negotiating with a ransomware gang this…
