17 May 2021

Purpose
Educate recipients of cyber events to aid in protecting electronically stored DoD, corporate proprietary, and/or Personally Identifiable Information from unauthorized access, theft or espionage

Source
This publication incorporates open source news articles to educate readers on cyber security matters IAW USC Title 17, section 107, Para a. All articles are truncated to avoid the appearance of copyright infringement

Newsletter Team
* SA Sylvia Romero, Albuquerque FBI
* CI Agent Scott Daughtry, Purple Arrow Founder

Subscription/Questions
Click HERE to request that your employer-provided email address be added to this product's distribution list

Purple Arrow Overview
The Purple Arrow Working Group formed in 2009 to address suspicious reporting originating from New Mexico (NM) cleared companies. Purple Arrow is a subset of the NM CI Working Group

Personal Email/Foreigners
The FBI will not send Purple Arrow products to a non-United States employer-provided email account (e.g. Hotmail, Gmail)

You may need to manually copy/paste/execute hyperlinks depicted below if your computer's security settings disable embedded hyperlinks displayed within a PDF file

TWO REMOTE ACCESS TROJANS (RAT) TARGETING AEROSPACE SECTOR

Security researchers are tracking two RATs that are flooding the aerospace and travel industry sectors with spear phishing emails to deliver their malicious payload. The RATs' goal is to infiltrate the targets' computer networks and then identify/exfiltrate sensitive data as COVID-weary citizens are increasingly making travel plans to decompress after 12+ months of self-quarantine. Criminals have always been savvy in predicting and then profiteering off emerging trends, and are never to be underestimated.

Source: https://www.scmagazine.com/home/security-news/phishing/revengerat-and-aysncrat-target-aerospace-and-travel-sectors/?web_view=true

JAPANESE TECHNOLOGY COMPANY CONFIRMS RANSOMWARE ATTACK

Toshiba's satellite company locations throughout Europe confirmed that a ransomware attack forced their IT staff to disconnect portions of their computer network that is linked to their primary Japanese hub. The attack's Indicators of Compromise (IOC) mimicked those used by the Darkside ransomware group, which impacted petroleum deliveries in the United States last week.

Source: https://www.cyberscoop.com/darkside-ransomware-toshiba-hack/

An energy company located in Oslo, Norway, which provides electricity to 44 European countries, was impacted by a ransomware attack via the Ryuk ransomware group. The company did not believe its data was exfiltrated by the hackers and is restoring its systems from cloud-based backup archives.

Source: https://www.securityweek.com/green-energy-company-volue-hit-ransomware?&web_view=true
UNCLASSIFIED
Source: https://therecord.media/android-malware-found-on-huaweis-official-app-store/?web_view=true
Source: https://krebsonsecurity.com/2021/02/arrest-raids-tied-to-u-admin-phishing-kit/?web_view=true
Source: https://cyware.com/news/analyzing-the-relationship-between-social-media-and-cyber-threats-47954e5b