Latest Insights
Lockbit 2.0 affiliate’s new SonicWall exploit bypasses MFA
Increasing Capabilities of LockBit 2.0 Gang Per Our Incident Response Experience in Q1 2022 Impacts Over One Hundred Hong Kong and Macau Organisations; Exploit Acknowledged by SonicWall as CVE-2022-22279 In the first quarter of 2022, DarkLab responded to several ransomware incidents impacting organisations in the financial services, real estate, and manufacturing sectors across Hong Kong, […]
Thousands of organisations in Hong Kong and Macau impacted by Spring Core Remote Code Execution Vulnerability
Impacted organisations include financial services and critical infrastructure providers On 29 March 2022, security researchers posted a now-removed screenshot to Twitter purporting to show a trivially-exploited unauthenticated remote code execution (RCE) vulnerability in the Spring Framework, one of the most popular Java frameworks in use globally.[1] While the screenshot did not include a proof of […]
Smells SMiShy to me…
Macau SMS Phishing Unveils Threat Actor Close to Home On 2 March 2022, Darklab observed SMS phishing (smishing) activity targeting mobile users in Macau. The message masqueraded as the courier service DHL delivering a package to the victim. The intended purpose was to steal victims’ credentials, personally identifiable information (PII), and credit card details. Smishing […]
A look Behinder the scene
Popular web shell exploited after Log4Shell for data theft DarkLab recently responded to an incident affecting a Hong Kong organisation in the retail sector. Threat actors exploited the vulnerability CVE-2021-44228 in the Apache Log4j library, also known as Log4Shell, as initial infection vector (link). While we observed multiple attempted exploitation of Log4Shell against our Managed […]
What to expect in 2022
Based on what we are observing in the threat landscape and the conversations we are having with industry leaders across sectors, here we outline what DarkLab cyber threat analysts think will be some of the most relevant issues in 2022
Trouble in Paradise
A case study of Cloud compromise