Tortoiseshell Targets IT Providers, The Tyurin Indictment, And Emotet’s Return

Viktoria hosts this week’s episode in London with Phillip Doherty and Adam Cook. After a quick debate around the top trending sports at the moment, the team digs into the first story of the week: Tortoiseshell Group (a newly identified threat group) has reportedly conducted some supply chain attack campaigns against 11 IT providers in Saudi Arabia. Next they look at two new malware variants that have emerged, attributed to North Korean-associated Lazarus Group. Emotet botnet has been hot in the news lately, so the team also talks about its emergence.  Finally the team rounds up the week with the Tyurin indictment, where Andrei Tyurin pleaded guilty to one of the largest computer hacking crimes involving US financial institutions, financial services, and news publishers. Our own Richard Gold published a blog mapping the indictment to the MITRE ATT&CK framework - definitely worth a read below. To learn more, check out our weekly intelligence summary report at https://resources.digitalshadows.com/weekly-intelligence-summary. Mapping the Tyurin Indictment to the Mitre ATT&CK™ framework: https://www.digitalshadows.com/blog-and-research/mapping-the-tyurin-indictment-to-the-mitre-attck-framework/