Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors

August 29, 2024 at 09:05AM

Between November 2023 and July 2024, the Russian state-sponsored APT29 group, also known as “Midnight Blizzard,” utilized iOS and Android exploits in cyberattacks on Mongolian government websites. Google’s Threat Analysis Group identified the group’s use of n-day flaws that remain effective on devices that have not been updated. APT29’s exploits overlapped with those …

Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive

February 13, 2024 at 12:33AM

The ‘hunter-killer’ malware tactic, named after submarine warfare, has seen a significant rise and is expected to continue growing. This ultra-evasive and aggressive malware aims to evade detection and disable cybersecurity defenses, using techniques like process injection, command and scripting interpreter, and system information discovery. The report suggests a connection …

Hackers use new Agent Raccoon malware to backdoor US targets

December 1, 2023 at 02:15PM

Agent Raccoon, a novel .NET malware used for espionage, targets organizations globally and is linked to nation-state actors by Unit 42. It masquerades as an updater, uses DNS for covert communication, and includes tools for credential theft and data exfiltration, with active development indicating evolving capabilities. Meeting Takeaways: 1. A …