Category: Kamban

North Korean IT professionals who trick Western companies into hiring them are stealing data from the organization’s network and asking for a ransom to not leak it. Dispatching IT workers to seek employment at companies in wealthier nations is a tactic that North Korea has been using for years as a means to obtain privileged…

The BianLian ransomware group has claimed the cyberattack on Boston Children’s Health Physicians (BCHP) and threatens to leak stolen files unless a ransom is paid. BCHP is a network of over 300 pediatric physicians and specialists operating over 60 locations across New York’s Hudson Valley and Connecticut, offering patient care in clinics, community hospitals, and…

Almost every week we add another workflow to our automation library. Our platform and copilot are helping people automate otherwise tedious tasks in security operations. Integrations between platforms traditionally involved security engineers writing custom code using application programming interfaces (APIs). For example, if you wanted to scan all your S3 buckets for public access, looking…

Insurance giant Globe Life says an unknown threat actor attempted to extort money in exchange for not publishing data stolen from the company’s systems earlier this year. Founded in 1900, Globe Life is among the largest providers of life and health insurance plans in the United States, with a market capitalization of $12 billion and…

In the realm of cybersecurity, the role of a SOC (Security Operations Center) analyst is pivotal in protecting organizations from ever-present digital threats. But what exactly does a cyber security SOC analyst do, and how do they respond to real-time threats? What is a SOC Analyst in Cyber Security? Before we examine how a…

Iranian hackers are breaching critical infrastructure organizations to collect credentials and network data that can be sold on cybercriminal forums to enable cyberattacks from other threat actors. Government agencies in the U.S., Canada, and Australia believe that Iranian hackers are acting as initial access brokers and use brute-force techniques to gain access to organizations in…

Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. Specifically, of the 138 vulnerabilities disclosed as actively exploited in 2023, Mandiant says 97 (70.3%) were leveraged as zero-days. This means that threat actors exploited the flaws in attacks before the…

A notorious hacker named USDoD, who is linked to the National Public Data and InfraGard breaches, has been arrested by Brazil’s Polícia Federal in “Operation Data Breach”. USDoD, aka EquationCorp, has a long history of high-profile data breaches where he stole data and commonly leaked it on hacking forums while taunting the victims. These breaches include those…

CISA has added three flaws to its ‘Known Exploited Vulnerabilities’ (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late August 2024. SolarWinds Web Help Desk is an IT help desk suite used by 300,000 customers worldwide, including government agencies, large corporations, and healthcare…

The United States Department of Justice unsealed an indictment today against two Sudanese brothers suspected of being the operators of Anonymous Sudan, a notorious and dangerous hacktivist group known for conducting over 35,000 DDoS attacks in a year. Since launching in 2023, Anonymous Sudan has been behind numerous high-profile DDoS attacks, causing widespread outages and the inability…
