Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks leveraging malware are an important part of modern hybrid war strategy.
A new wave of phishing is currently circulating (a related story from derstandard.at newspaper can be found here). Documents are said to have been sent to you from a scanner, which you can allegedly download, as can be seen in the following image
Killnet makes three announcements The past month seemed to be a turning point for the pro-Russian hacktivist group “Killnet”—and it was very eager to tell the world about it. First, on July 27, “Killmilk”—the founder and the head of the group who led its transformation from a DDoS-for-hire outlet i
The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM in campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft.
ESET research uncovers attacks against several high-profile aerospace and military companies in Europe and the Middle East, with several hints suggesting a possible link to the Lazarus group.
North Korean hackers from the Lazarus group have been using a signed malicious executable for macOS to impersonate Coinbase and lure in employees in the financial technology sector.
One, if not the main, challenge with producing good intelligence is to have access to the right information at the right moment. The right telemetry from the right angle helps you to detect and dig…
CHARGING MY LASER! Since the first quarter of 2022, there has been a significant increase in hacktivism worldwide.
Recently Twilio, the company that provides Signal with phone number verification services, suffered a phishing attack. Here's what our users need to know:
All users can rest assured that their message history, contact lists, profile information, whom they'd blocked, and other personal data remain private and secure and were not affected.
For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal. This attack has since been shut down by Twilio. 1,900 users is a very small percentage of Signal’s total users, meaning that most were not affected.
Cloud giant DigitalOcean says that some customers’ email addresses were exposed because of a recent “security incident” at email marketing company Mailchimp. In a scant blog post dated August 12, just two days after the company’s co-founder and long-time CEO Ben Chestnut stepped down, Mailchimp said a recent but undated attack saw threat actors targeting […]
The security of DigitalOcean customers and their data is a responsibility we approach with utmost dedication. When our customers' security is threatened we respond swiftly, communicate with transpa...
We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI.
Increased targeting of developing and middle-income countries by ransomware actors presents a challenge to political resilience, economic development and global cyber security.
Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user’s operating system (via MacRumors). In an update on its security bulletin, Zoom acknowledges the issue (CVE-2022-28756) and says a fix is included in version 5.11.5 of the app on Mac, which you can (and should) download now.
In macOS 12.0.1 Monterey, Apple fixed CVE-2021-30873. This was a process injection vulnerability affecting (essentially) all macOS AppKit-based applications. We reported this vulnerability to Apple, along with methods to use this vulnerability to escape the sandbox, elevate privileges to root and bypass the filesystem restrictions of SIP.
Its IT provider says it may take three or four weeks to fully recover from the cyber-attack.
Cisco confirmed on Wednesday that it was attack by the Yanluowang ransomware group in May, but said the hackers were not able to steal sensitive data or impact the company’s operations.
In a statement to The Record, Cisco said the incident occured on their corporate network in late May and that they “immediately took action to contain and eradicate the bad actors.”
Unusually resourced threat actor has targeted multiple companies in recent days.
Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees. While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications.
