- In the spotlight: An unidentified threat actor has obtained data from various personal Outlook, MSN, and Hotmail email accounts by compromising a Microsoft customer support account. The incident highlights the risks of high-privilege accounts; future uses for the stolen data could include phishing campaigns, resale on cybercriminal markets and forums, or direct monetization and extortion.
- Also this week, the “Triton” malware was detected at a critical infrastructure facility, an IT outsourcing company experienced a potential network intrusion linked to a supply-chain attack, and a new trojan referred to as Hoplight has been attributed to the “Lazarus Group”.
- Looking ahead: Ideologically motivated threat actors connected to Catalan separatism will likely conduct hacktivist operations in the run-up to the Spanish general election, and it is realistically possible that a United Nations event on multilateralism will be targeted by cyber espionage groups.
In the spotlight: Information about APT34, including victim data, personally identifiable information belon...
Most Recent Flipbooks
A cyber-espionage campaign was found targeting the Vietnamese military and government, as well as other sectors and some entities in Thailand and Central Asia.
A user of the cybercriminal forum RaidForums has offered 533 million records of Facebook user data for only a few US dollars.
Insurance provider CNA Financial has announced it was targeted in a cyber attack, later confirmed as involving the newly identified “Phoenix Cryptolocker” ransomware.
The new Internet of Things (IoT) botnet ZHtrap has been turning devices it has infected into honeypots, in a novel technique that highlights yet another risk presented by exposed IoT devices.
Four zero-day vulnerabilities in Microsoft Exchange Servers have been linked to more than 30,000 cyber attacks taking place in the week following their discovery.
A new round of software attacks has raised another red flag concerning supply-chain security and the prevalence of third-party supply-chain targeting.
The French National Cybersecurity Agency (ANSSI) identified a new “Ryuk” ransomware variant that has the capability to self-propagate across victim networks.
The People’s Republic of China-linked advanced persistent threat group “APT31” reportedly cloned and deployed a zero-day exploit developed by NSA's Equation Group in 2013.
An unidentified attacker accessed the computer systems of a water treatment facility in the US, altering sodium hydroxide levels in the potable water supply.
Following the disclosure of the SolarWinds supply-chain compromise in December 2020, details continue to emerge about the scale of the attack.
The North Korean advanced persistent threat (APT) group “ZINC” has been targeting cyber-security professionals with social engineering that leads to malware delivery.
A new web portal is aiding cyber-threat incident responders by detailing vulnerabilities in popular malware.
Technical analysis of a cyber-threat campaign using the dangerous and widespread “Lokibot” malware has revealed an updated method being used to conduct sophisticated attacks.
A cyber-security firm released a free decryptor for the popular and sophisticated “DarkSide” ransomware.
The cyber-security industry learned some valuable lessons during the unique and unprecedented year of 2020.
The notorious Automated Vending Cart (AVC) website Joker’s Stash allegedly displayed a notification that the site was seized by law-enforcement agencies.
SolarWinds confirmed that its network management system, Orion Platform, was exploited to conduct a highly sophisticated, manual supply-chain attack.
A global spearphishing campaign targeted organizations associated with a COVID-19 vaccine cold chain.
A threat actor recently hijacked a vulnerable WordPress website set up by a security researcher.
The operators of the “RagnarLocker” ransomware began an advertising campaign on Facebook to further extort the victim of one of their recent attacks.