Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)
Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and …
Sandworm hackers incapacitated Ukrainian power grid amid missile strike
Russia-backed ATP group Sandworm is behind the cyberattack that caused disruption of parts of the Ukrainian power grid in late 2022, according to Mandiant. About Sandworm …
Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)
The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental …
Bracing for AI-enabled ransomware and cyber extortion attacks
AI has been the shiniest thing in tech since at least November 2022, when ChatGPT was made available to the masses and unveiled the transformative potential of large language …
North Korean hackers are targeting software developers and impersonating IT workers
State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies …
State-sponsored APTs are leveraging WinRAR bug
A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. …
Lazarus impersonated Meta recruiter to breach Spanish aerospace firm
Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by …
APTs use of lesser-known TTPs are no less of a headache
APT (advanced persistent threat) attacks were once considered to be primarily a problem for large corporations, but the number of these (often state-sponsored) attacks against …
Russian APT phished government employees via Microsoft Teams
An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says …
North Korean hackers targeted tech companies through JumpCloud and GitHub
North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech …
Microsoft Exchange servers compromised by Turla APT
Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised …
Thanks Storm-0558! Microsoft to expand default access to cloud logs
Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, …
Featured news
Resources
Don't miss
- SafeLine: Open-source web application firewall (WAF)
- Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks
- Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)
- Whitepaper: 9 traits of effective cybersecurity leaders of tomorrow
- Phishers send corrupted documents to bypass email security