Cyberattack Cripples Ukraine’s Largest Telecom Operator

December 12, 2023 at 05:30PM Kyivstar, the largest mobile network operator in Ukraine, suffered a massive cyberattack disrupting mobile and internet communications for millions. CEO Oleksandr Komarov attributed the attack, which impacted the company’s IT infrastructure and air raid alert system, to the war with Russia. The attack is believed to be the largest in the history …

Ukraine’s largest mobile carrier Kyivstar down following cyberattack

December 12, 2023 at 10:47AM Ukraine’s largest telecom provider, Kyivstar, suffered a cyberattack impacting over 25 million subscribers, causing mobile and internet service disruption. The company attributed the attack to hackers and has involved law enforcement. There’s speculation of Russian involvement amid the ongoing conflict. Subscribers can access Vodafone Ukraine’s roaming services, and utilize internal roaming during …

New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam

December 12, 2023 at 06:00AM A recent phishing campaign delivering the MrAnon Stealer malware via innocuous booking-themed PDFs targets Germany, capturing credentials, system info, browser sessions, and cryptocurrency extensions. Disguised as a hotel booking company, the malicious email prompts victims to download an “Adobe Flash update,” leading to the execution of harmful scripts. The malware …

Researchers Unmask Sandman APT’s Hidden Link to China-Based KEYPLUG Backdoor

December 11, 2023 at 09:12AM The enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster are found to share tactical and targeting overlaps, utilizing a backdoor known as KEYPLUG. The assessment from SentinelOne, PwC, and Microsoft reveals shared infrastructure control, management practices, and design, suggesting joint functionalities. Alongside, the use of Lua-based …

Researchers Unveil GuLoader Malware’s Latest Anti-Analysis Techniques

December 9, 2023 at 02:36AM Threat hunters expose GuLoader malware’s evolving obfuscation tactics, which make analysis time-consuming. Used in phishing campaigns, it distributes various payloads and is continually updated to evade security measures. Similar updates have been seen in DarkGate RAT, showcasing the sophistication and adaptability of modern malware threats. Remote access trojans are leveraging novel email-based infection …

Medical Imaging Patients Exposed in Cyber Incident

December 7, 2023 at 05:39PM East River Medical Imaging (ERMI) notified individuals of a data breach after detecting unusual activity in their IT network on September 20. The breach happened between August 31 and September 20, potentially exposing personal and medical information. ERMI is offering credit monitoring and has enhanced cybersecurity in response.

Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns

December 7, 2023 at 10:28AM Star Blizzard, believed to be linked to Russia’s FSB, continues targeted spear-phishing attacks for intelligence gathering. They impersonate trusted contacts using researched information to deceive individuals and organizations in the UK and beyond. Numerous cyber security agencies warn of their expanded targeting since 2019, including the defense industry and energy …

HTC Global Services confirms cyberattack after data leaked online

December 5, 2023 at 06:59PM HTC Global Services confirmed a cyberattack after the ALPHV ransomware gang started leaking stolen data. The IT services provider, servicing multiple industries, acknowledged the breach on social media and is working with experts to resolve the issue. The alleged stolen data includes personal and confidential information. Cybersecurity expert Kevin Beaumont …

Payments Giant Tipalti: No Ransomware Breach, No Threat to Roblox

December 5, 2023 at 04:26PM Tipalti denies a cybersecurity breach despite BlackCat/ALPHV’s claims of having accessed and stolen data. The extortion attempt, citing a research piece on ransom payment, hasn’t swayed Tipalti. Their investigation with third-party experts found no breach evidence, and Roblox, a customer mentioned by the group, hasn’t commented.

CISA details twin attacks on federal servers via unpatched ColdFusion flaw

December 5, 2023 at 12:47PM CISA reported two server breaches at a federal agency due to an unpatched Adobe ColdFusion flaw (CVE-2023-26360). The attackers exploited the vulnerability for reconnaissance and malware deployment, but their further malicious activities were hindered. The incidents occurred months after agencies were ordered to patch the flaw, and the attackers’ identities …