Month: February 2024
Feb 20, 2024NewsroomDark Web / Cybercrime An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns. While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the…
Read MoreDiscover the essence of threat intelligence — a linchpin for modern cybersecurity. It guides teams to identify and thwart potential threats, distinguishing between cyber and physical realms. External intel, like OSINT, broadens perspectives on emerging threats, but despite challenges, it empowers decision-making, prioritizes resources, and stays ahead of adversaries. In a trio of strategic, operational,…
Read MoreEU Court of Human Rights Rejects Encryption Backdoors The European Court of Human Rights has ruled that breaking end-to-end encryption by adding backdoors violates human rights: Seemingly most critically, the [Russian] government told the ECHR that any intrusion on private lives resulting from decrypting messages was “necessary” to combat terrorism in a democratic society. To…
Read MoreMeta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices.…
Read MoreVulnerable webmail servers seem to be a part of the general modus operandi the Russian hackers use for espionage campaigns. Previously in June 2023, another Russian state-sponsored cyber espionage group BlueDelta (aka FancyBear, APT28) was targeting vulnerable Roundcube installations across Ukraine and had also exploited CVE202323397, a critical zero-day vulnerability in Microsoft Outlook in 2022,…
Read MoreDid you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response. Are you aware of Network Detection and Response (NDR) and how it’s become the most effective technology to detect cyber…
Read MoreFeb 19, 2024NewsroomMalware / Mobile Security The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. “Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play’s enhanced detection and protection mechanisms,” ThreatFabric said…
Read MoreFeb 19, 2024NewsroomCyber Espionage / Vulnerability Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations. These entities are primarily located in Georgia, Poland, and Ukraine, according to Recorded Future,…
Read MoreMicrosoft recently released a security news update that addresses chilling reports that attackers have been able to pivot from a test tenant to the C suite to obtain access to emails being sent and received. In addition, it came to light that HPE’s corporate mailboxes had been accessed using a similar exploit. Both appear to…
Read MoreFeb 19, 2024NewsroomMalware / Cyber Espionage The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar portal. Charming Kitten, also called APT35, CharmingCypress, Mint Sandstorm, TA453, and Yellow Garuda, has a…
Read More