The latest work of the notorious Russian state-associated “NOBELIUM” threat group is an email phishing campaign against multiple countries and sectors, victimizing human rights organizations, governments, and think tanks. The attacks, which began in January 2021, employed a sophisticated combination of legitimate tools and services (e.g. Google Firebase, Constant Contact) and customized malicious tools. NOBELIUM has seemingly soldiered on after its compromise of SolarWinds software in 2020, and continues to show great technical capability by carefully prioritizing targets and altering methods on the fly. NOBELIUM has repeatedly demonstrated the hallmarks of a well-resourced, state-sponsored, advanced persistent threat (APT) group, and will likely continue to mature and strike often in the mid-term future (3–12 months), despite best efforts to strengthen cyberspace government.
The notorious Russia-based ransomware group “REvil” (aka Sodinokibi) has been blamed for the latest high-pr...
Most Recent Flipbooks
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2.
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on Telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling into 2022.
Log4j bug exposes fragility of digital ecosystem worldwide. Plus information on Magecart home for the holidays, Emotet regaining power, and MuddyWater APT group hunts for airline data via Slack.
Microsoft has allegedly halted a long-term cyber-espionage operation of “NICKEL”, a threat group linked to the People’s Republic of China (PRC).
Success of UK security bill depends on Internet of Things users
The well-established “Mozi” peer-to-peer (P2P) botnet has developed new persistence capabilities.