Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

October 28, 2024 at 01:45PM Evasive Panda, a China-linked cyber espionage group, launched a new toolset, CloudScout, targeting Taiwanese government and religious organizations. This .NET-based malware extracts data from cloud services by hijacking authenticated sessions using stolen cookies. ESET noted the malware’s modular design includes specific functions for accessing Google Drive, Gmail, and Outlook.

Russian Espionage Group Targets Ukrainian Military with Malware via Telegram

October 28, 2024 at 11:36AM A Russian espionage group, UNC5812, has been found delivering malware to the Ukrainian military through a Telegram channel called Civil Defense. The mix includes Windows and Android malware, employing tactics to influence perceptions about military recruitment. It aims to compromise devices via deceptive software and manipulation.

Google: Russia Targeting Ukrainian Military Recruits With Android, Windows Malware

October 28, 2024 at 11:23AM Google has identified a Russian cyberespionage and influence operation aimed at Ukrainian military recruits, utilizing malware affecting Android and Windows devices. The findings highlight continuing threats to Ukraine amid the ongoing conflict. **Meeting Takeaways:** 1. **Cybersecurity Alert**: Google has identified a cyberespionage and influence campaign originating from Russia. 2. **Target …

AP Sources: Chinese Hackers Targeted Phones of Trump, Vance, People Associated With Harris Campaign

October 28, 2024 at 07:17AM Chinese hackers conducted an espionage operation targeting the cellphones of Donald Trump, JD Vance, and individuals associated with Kamala Harris’s campaign, highlighting concerns over cybersecurity and political privacy. **Meeting Takeaways:** 1. **Main Event:** Chinese hackers are involved in an extensive espionage operation. 2. **Targets:** – High-profile individuals targeted include: – …

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining

October 26, 2024 at 05:12AM TeamTNT, a notable cryptojacking group, is launching a large-scale campaign targeting cloud environments to mine cryptocurrencies using compromised Docker daemons and servers. They deploy Sliver malware, offer breached computational power for rent, and have shifted tactics, indicating an evolving and mature illicit business model in the cybercrime landscape.

Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions

October 26, 2024 at 05:12AM Four members of the defunct REvil ransomware group have been sentenced in Russia for hacking and money laundering. Artem Zaets received 4.5 years, while Alexei Malozemov was sentenced to 5 years. Daniil Puzyrevsky and Ruslan Khansvyarov received 5.5 and 6 years, respectively, marking a rare conviction in Russia for cybercrime.

Microsoft: Healthcare Sees 300% Surge in Ransomware Attacks

October 24, 2024 at 05:19PM A recent study reveals that nearly 400 US healthcare organizations experienced ransomware attacks this fiscal year, leading to compromised data, operational disruptions, and increased patient volume. The average ransom paid has reached $4.4 million, highlighting healthcare’s vulnerability and the involvement of various nation-state actors in these cyberattacks.

Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA

October 24, 2024 at 07:38AM The article emphasizes the urgent need for organizations to adopt phishing-resistant multifactor authentication (MFA) as ransomware payments soar, with an average increase of 500%. Legacy MFA systems prove inadequate against evolving cyber threats fueled by Generative AI. Implementing advanced, biometric-based solutions is essential to combat this growing risk.

Ransomware’s ripple effect felt across ERs as patient care suffers

October 24, 2024 at 06:46AM This year, ransomware impacted 389 US healthcare organizations, risking patient safety and costing up to $900,000 daily in downtime. Attacks led to increased emergency cases and dwindling survival rates. Organized groups, primarily Iranian, have intensified these intrusions, facilitated by ransomware-as-a-service and geopolitical factors.

Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis

October 24, 2024 at 05:26AM Attackers are employing layered strategies using multiple tools like web shells and VPN compromises to maintain access to networks. Trend Micro’s analysis highlights the need for strong logging, incident response planning, and robust security measures to identify and contain threats early, preventing severe consequences like ransomware deployment.