cyber espionage
Attackers still exploit Log4Shell on VMware Horizon servers, CISA warns
If your organization is running VMware Horizon and Unified Access Gateway servers and you haven’t implemented the patches or workarounds to fix/mitigate the Log4Shell …
Stealthy APT group plunders very specific corporate email accounts
An eminently sophisticated and stealthy APT group is going after specific corporate email accounts and has, on occasion, managed to remain undetected in victim environments …
New cyberespionage campaign targeting ISPs, research entities
ESET Research discovered a still-ongoing cyberespionage campaign using a previously undocumented Korplug variant by the Mustang Panda APT group. The current campaign exploits …
War in Ukraine: What type of cyber attacks can we expect next?
The cyber activities related to the ongoing war in Ukraine have run the gamut from wiper malware hitting organizations and the border control in Ukraine, DDoS attacks aimed at …
The rise of the super malicious insider: Yes, we need to worry
DTEX Systems announced the release of a report which identifies a significant increase in industrial espionage incidents and the rise of the super malicious insider persona, …
DazzleSpy: macOS backdoor delivered through watering hole attacks
In late 2021, a never before seen macOS backdoor was delivered to pro-democracy individuals in Hong Kong via fake and compromised sites (for example, that of local radio …
Stealthy firmware bootkit leveraged by APT in targeted attacks
Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible …
77% of rootkits are used for espionage purposes
In a new report, Positive Technologies analyzes this past decade’s most infamous families of rootkits – programs that hide the presence of malicious software or …
Smartphone counterespionage for travelers
If you’re traveling abroad on business, there’s a good chance you’ll need to bring along a smartphone to get around, meet up with associates or learn about the idiosyncrasies …
CVE-2021-40444 exploitation: Researchers find connections to previous attacks
The recent targeted attacks exploiting the (at the time) zero-day remote code execution vulnerability (CVE-2021-40444) in Windows via booby-trapped Office documents have been …
Belgium’s Interior Ministry uncovers 2-year-long compromise of its network
Belgium’s Federal Public Service Interior (i.e., the country’s Interior Ministry) has suffered a “complex, sophisticated and targeted cyberattack.” …
What contractors should start to consider with the DoD’s CMMC compliance standards
Q1 2021 has been a tumultuous period in our era of cyber espionage. The Center For Strategic & International Studies (CSIS), which has been tracking “significant cyber …
Featured news
Resources
Don't miss
- When companies merge, so do their cyber threats
- Strategic AI readiness for cybersecurity: From hype to reality
- Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques
- The future of authentication: Why passwordless is the way forward
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected