Weekly: Lebanese Cedar, Nefilim Ghost Credentials, and More on SolarWinds and Emotet

ShadowTalk: Powered by ReliaQuest
Episode • Feb 5, 2021 • 41m
ShadowTalk hosts Stefano, Adam, and Kim bring you the latest in threat intelligence. This week they cover:

- More threat actors and attack vectors are being investigated in the SolarWinds compromise
- Law enforcement officials in the Netherlands are delivering an Emotet update that will remove it from infected devices
- Kim talks Lebanese Cedar: what’s new in their latest attack?
- Adam reviews Nefilim ransomware: how were they able to gain access and why it reinforces the need for securing employee accounts
- Plus, don’t miss the malware name of the week!

Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-05-february

***Resources from this week’s podcast***

- SolarWinds Update: https://www.wsj.com/articles/suspected-russian-hack-extends-far-beyond-solarwinds-software-investigators-say-11611921601
- Lebanese Cedar: https://www.clearskysec.com/wp-content/uploads/2021/01/Lebanese-Cedar-APT.pdf
- Nefilim Ghost Credentials: https://news.sophos.com/en-us/2021/01/26/nefilim-ransomware-attack-uses-ghost-credentials/
- Zinc Attacks: https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/
- Emotet Disruption: https://www.digitalshadows.com/blog-and-research/emotet-disruption/
- DarkMarket Seizure: https://www.digitalshadows.com/blog-and-research/darkmarkets-seizure/

Also, don’t forget to reach out to shadowtalk@digitalshadows.com