China’s ‘Velvet Ant’ APT Nests Inside Multiyear Espionage Effort

June 17, 2024 at 01:02PM China’s Velvet Ant cyber-espionage group executed a persistent and adaptable campaign to steal data from a large East Asian company. Despite eradication attempts by security researchers at Sygnia, the threat actor maintained footholds within the victim’s network for years. The group utilized legacy and unmonitored systems, deploying malware and backdoors … Read more

LockBit dethroned as leading ransomware gang for first time post-takedown

May 22, 2024 at 07:03AM After the takedown of LockBit in February, rival gang Play has surpassed it in attacks, marking a shift after eight months of LockBit dominance. Law enforcement’s disruption claims seem validated as LockBit’s attacks drop significantly. Global ransomware activity decreased by 15% month-on-month, with North America and Europe remaining the top … Read more

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance

December 18, 2023 at 10:09AM CISA conducted a cybersecurity assessment for a healthcare and public health organization, finding no significant exploitable conditions but identifying weak passwords and other security issues. CISA is sharing the results with the sector to improve cybersecurity posture. The report includes mitigation recommendations and urges organizations to review and apply them. … Read more

Bad Bots Account for 73% of Internet Traffic: Analysis

November 16, 2023 at 11:45AM Arkose Labs has analyzed bot attacks from January to September 2023 and found that 73% of internet traffic is comprised of Bad Bots and related fraud farm traffic. The top five categories of Bad Bot attacks are fake account creation, account takeovers, scraping, account management, and in-product abuse. The industries … Read more