Chinese hackers breached T-Mobile’s routers to scope out network

November 27, 2024 at 11:58AM

T-Mobile reported that the “Salt Typhoon” Chinese hackers attempted to infiltrate its systems by hacking routers. However, the company successfully blocked their advancement, protecting customer data. This threat group, active since 2019, has targeted several telecom companies but was thwarted in T-Mobile’s case, ensuring no sensitive data was compromised. …

Known Brand, Government Domains Hijacked via Sitting Ducks Attacks

November 15, 2024 at 06:58AM

Threat actors have seized over 70,000 domains, targeting well-known brands and government entities due to inadequate domain ownership verification. This highlights vulnerabilities in domain management and the risks associated with lax security measures. The information was reported by SecurityWeek.

**Meeting Takeaways:**

1. **Incident Overview:** Over 70,000 domains have been hijacked …

Canada Says Chinese Reconnaissance Scans Targeting Government Organizations

October 29, 2024 at 06:01AM

Canada reports that several government and critical infrastructure entities have been subjected to Chinese reconnaissance scans, indicating heightened cyber threats.

**Meeting Takeaways:**

1. **Threat Acknowledgment**: Canada has reported that several government and critical infrastructure organizations are under threat from Chinese reconnaissance scans.
2. **Nature of Threat**: The reconnaissance scans …

Cyprus Thwarted a Digital Attack Against the Government’s Main Online Portal

October 20, 2024 at 06:29PM

Cyprus successfully thwarted a DDoS attack targeting its central online government portal, ensuring continued access for users.

**Meeting Takeaways:**

1. **Incident Report**: Cyprus successfully defended against a DDoS (Distributed Denial of Service) attack.
2. **Target**: The attack was aimed at disrupting access to the government’s central online portal.
3. **Outcome**: …

Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware

October 9, 2024 at 07:37PM

The cyberespionage group GoldenJackal hacked air-gapped government and diplomatic PCs using custom malware twice, targeting a European government from May 2022 to March 2024 and a South Asian embassy in 2019. This Russian-speaking group has developed sophisticated tools over several years, employing various infection methods for data theft. …

New Tickler malware used to backdoor US govt, defense orgs

August 28, 2024 at 02:41PM

The APT33 Iranian hacking group has deployed new Tickler malware to infiltrate the networks of government, defense, satellite, oil, and gas organizations in the US and the UAE. Based on the meeting notes, it appears that the APT33 Iranian hacking group has employed new Tickler malware to create backdoors in …

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

August 24, 2024 at 03:42AM

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a medium-severity vulnerability, CVE-2024-39717, impacting Versa Director to its Known Exploited Vulnerabilities catalog. Threat actors could upload a malicious file through the “Change Favicon” feature. Agencies are advised to apply vendor-provided fixes by September 13, 2024. CISA also highlighted other …

Indonesia Says a Cyberattack Has Compromised Its Data Center but It Won’t Pay the $8 Million Ransom

June 25, 2024 at 09:44AM

Indonesia’s national data center was hacked by a group demanding an $8 million ransom, disrupting over 200 government agencies’ services. Although some services have been restored, efforts continue, and investigations are underway to regain access to the data. The government has made it clear that they will not pay the …

Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign

May 9, 2024 at 11:48AM

Russian APT28 orchestrates a malware campaign targeting Polish government institutions. The attack involves tricking victims into downloading malicious files via redirection to legitimate sites. APT28’s use of legitimate services aims to avoid detection by security software. The group has also expanded its activities to target iOS devices. NATO countries recently …

Feds probe massive alleged classified US govt data theft and leak

April 4, 2024 at 02:29PM

The US Department of State is investigating a cyber incident in which a criminal known as IntelBroker claimed to have stolen and leaked classified information from national security agencies. The leaked data includes confidential communications, contact info for government and military officials, and personal details of around 100,000 victims. The …