U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

October 18, 2024 at 08:00AM
Australian, Canadian, and U.S. cybersecurity agencies revealed a year-long Iranian cyber campaign targeting critical infrastructure, employing brute-force and password spraying attacks. Techniques like MFA prompt bombing were used for infiltrating systems in healthcare, government, and energy sectors, aiming to acquire credentials for further cybercriminal activities. …

US Sees Iranian Hackers Working Closely With Ransomware Groups

August 29, 2024 at 04:42AM
Iranian state-sponsored hackers have collaborated with ransomware groups to target US organizations since 2017. In a joint advisory, CISA, FBI, and DC3 state that the hackers assist the groups by providing network access for data encryption and extortion, receiving a ransom percentage. The hackers are associated with Pay2Key attacks, targeting Israel-based …

Cybersecurity Industry Leaders Launch the Cyber Threat Intelligence Capability Maturity Model

August 8, 2024 at 05:24AM
Intel 471 partnered with 28 industry leaders to launch the Cyber Threat Intelligence Capability Maturity Model (CTI-CMM). This model aims to support organizations in building mature Cyber Threat Intelligence (CTI) programs. It emphasizes the importance of aligning CTI capabilities with stakeholder needs and provides shared values and principles for the …

BlankBot Trojan Targets Turkish Android Users

August 7, 2024 at 02:02AM
A threat intelligence firm discovered a malicious Android program, BlankBot, targeting Turkish-language speakers. It can capture screen grabs, keystrokes, and create custom overlays to gather sensitive information. The program is under active development and mostly undetected by anti-malware scanners. Its motive for targeting Turkey is unclear, but it appears to …

Third-Party Cyber Attacks: The Threat No One Sees Coming – Here’s How to Stop Them

June 6, 2024 at 08:30AM
Cybersixgill’s threat experts shed light on the critical threats posed by supply chain attacks, targeting organizations’ third-party vendors and suppliers. These attacks provide unauthorized access to sensitive information, resulting in financial losses, data breaches, and operational disruptions. With an increasing number of cybercriminals targeting the supply chain, it is essential …

Knight ransomware source code for sale after leak site shuts down

February 20, 2024 at 11:30AM
The alleged source code for the third version of the Knight ransomware, previously known as Cyclops, is being sold to a single buyer on a hacker forum by a representative of the operation. The sale includes the source code of the panel and the locker, written in Golang C++. Version …

Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks

February 5, 2024 at 02:28PM
Journalists, lawyers, and activists in Jordan are targeted by state-sponsored surveillance using the Pegasus spyware app, violating privacy and freedom of expression. Jordan’s new cybercrime law has been criticized as vague and ripe for abuse, while the NSO Group, which creates Pegasus, emphasizes its role in preventing terrorism and serious …

Interpol’s latest cybercrime intervention dismantles ransomware, banking malware servers

February 2, 2024 at 08:07AM
Interpol’s Operation Synergia led to the arrest of 31 people in 55 countries, targeting cybercrime. More than 1,300 malicious servers were identified, with significant dismantlement of command and control infrastructure. The operation also revealed partnerships with private sector players such as Group-IB and support from various cybersecurity organizations. This followed …

XM Cyber Launches Kubernetes Exposure Management to Intelligently Protect Critical Container Environments

November 29, 2023 at 06:12PM
XM Cyber has launched new features for managing exposure risks in Kubernetes environments, offering real-time insights into vulnerabilities for security teams. This enhances protection across hybrid clouds by integrating into XM Cyber’s Attack Graph Analysis. It provides complete visibility, prioritizes fixes, and supports quick deployment. The tools address a significant …

Accenture Expands Cybersecurity Services Capabilities in Latin America With Acquisition of MNEMO Mexico

October 24, 2023 at 04:48PM
Accenture has acquired MNEMO Mexico, a managed cybersecurity services company based in Mexico City. MNEMO Mexico has a team of 229 cybersecurity professionals and offers advanced cyber defense and response capabilities. The acquisition will help Accenture expand its business in Mexico and Latin America and meet the growing demand for …