This ATM RootKit Can Steal Banking Creds - ThreatWire AUDIO ONLY (Patreon)

Google exposed Exotic Lily, a group that works with Conti, an ATM rootkit can steal banking data, and TrickBot targets MikroTik routers! All that coming up now on ThreatWire. #threatwire #hak5

Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering cybersecurity topics for network admins, information security professionals, and consumers.

Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/YOqY3SONtTI

Shop ThreatWire Merch Directly! - https://snubsie.com/shop

Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ 

Support ThreatWire!  https://www.patreon.com/threatwire 

Follow Shannon on Social Media: https://snubsie.com/links 

Links:

Exotic Lily

https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/

https://www.bleepingcomputer.com/news/security/google-exposes-tactics-of-a-conti-ransomware-access-broker/

https://www.wired.com/story/conti-leaks-ransomware-work-life/

https://threatpost.com/conti-ransomware-v-3-including-decryptor-leaked/179006/

ATM RootKit

https://www.mandiant.com/resources/unc2891-overview

https://www.mandiant.com/resources/live-off-the-land-an-overview-of-unc1945

https://www.bleepingcomputer.com/news/security/new-unix-rootkit-used-to-steal-atm-banking-data/

https://thehackernews.com/2022/03/hackers-target-bank-networks-with-new.html

MikroTik Attacks

https://www.microsoft.com/security/blog/2022/03/16/uncovering-trickbots-use-of-iot-devices-in-command-and-control-infrastructure/

https://eclypsium.com/2021/12/09/when-honey-bees-become-murder-hornets/

https://arstechnica.com/information-technology/2022/03/trickbot-is-using-mikrotik-routers-to-ply-its-trade-now-we-know-why/

https://thehackernews.com/2022/03/trickbot-malware-abusing-hacked-iot.html

https://www.bleepingcomputer.com/news/security/microsoft-creates-tool-to-scan-mikrotik-routers-for-trickbot-infections/

Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Our Site → https://www.hak5.org

Shop →  http://hakshop.myshopify.com/

Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1

Support → https://www.patreon.com/threatwire

Contact Us → http://www.twitter.com/hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

____________________________________________

Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.