Threat Source newsletter (Dec. 3, 2020)

Newsletter compiled by Jon Munshaw.
Good afternoon, Talos readers. 
While ransomware has made all the headlines this year, that doesn’t mean cryptocurrency miners are going anywhere. We recently discovered a new actor we’re calling “Xanthe” that’s mining Monero on targets’ machines. The main payload, in this case, is a variant of the XMRig Monero-mining program, protected by a shared object developed to hide the miner’s process from various process-enumeration tools.
We’ll also have a string of Beers with Talos episodes to round out the year (hopefully one new one a week). This week, the guys discuss QR codes and whether we should still care about them, and how they could potentially aid in the robots’ uprising against Craig.


Cyber security week in review




The FBI released a warning this week that attackers are taking advantage of email forwarding rules to skirt by email sensors and send spam emails. Adversaries hope that by inserting themselves into legitimate email threads, they’re more likely to be successful.
Home Depot settled with more than 40 states over a 2014 data breach. The company will pay out $17.5 million and has agreed to implement several new security measures.
The Aspen Cybersecurity Group released a report outlining several key areas in which the incoming Biden administration can