UK, New Zealand Accuse China of Cyberattacks on Government Entities

March 26, 2024 at 06:42AM The UK and New Zealand have linked cyberattacks on their respective parliaments to Chinese state-sponsored threat actors. The US also sanctioned Chinese hackers and a technology company involved in malicious cyber operations. The UK claims that a tech firm operated on behalf of the Chinese Ministry of State Security and …

UK elections are unaffected by China’s cyber-interference, says deputy PM

March 26, 2024 at 05:33AM UK’s Deputy Prime Minister, Oliver Dowden, asserts that China’s attempts to undermine UK elections were unsuccessful. The 2021 cyberattack on the Electoral Commission compromised voters’ data. China-linked APT31 targeted UK parliamentarians, prompting sanctions by the UK and US. The National Cyber Security Centre (NCSC) updated its guidance, and China is …

UK council won’t say whether two-week ‘cyber incident’ impacted resident data

March 21, 2024 at 07:46AM Leicester City Council is dealing with a suspected ransomware attack, referred to as a “cyber incident.” Key details have not been confirmed, causing frustration among experts and residents. Recovery efforts are ongoing, with some services restored but extended delays. The council urges residents to use its website and contact only …

Switzerland: Play ransomware leaked 65,000 government documents

March 7, 2024 at 03:32PM The NCSC of Switzerland reported a data breach at Xplain caused by a ransomware attack, impacting thousands of sensitive government files. The Swiss government confirmed 65,000 leaked documents, with the majority affecting the Federal Department of Justice and Police. An investigation is ongoing, with results and cybersecurity recommendations expected to …

Russia’s ‘Midnight Blizzard’ Targets Service Accounts for Initial Cloud Access

February 27, 2024 at 04:56PM The threat group “Midnight Blizzard,” associated with Russian intelligence services, has shifted tactics, targeting cloud environments at organizations. Strategies include exploiting automated cloud services accounts, dormant accounts, and using OAuth tokens and MFA bombing attacks for unauthorized access. Mitigations recommended include multifactor authentication, strong passwords, and least privilege principles for …

SVR Cyber Actors Adapt Tactics for Initial Cloud Access

February 26, 2024 at 07:26AM Summary: The advisory details the recent tactics of the APT29 cyber espionage group, attributed to the SVR, targeting cloud infrastructure. It outlines their previous activity and evolving techniques, such as accessing service and dormant accounts, using cloud-based token authentication, enrolling new devices to the cloud, and using residential proxies. Mitigation …

Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network

February 7, 2024 at 04:02AM Chinese state-backed hackers targeted the Dutch armed forces’ computer network using a known critical security flaw in Fortinet FortiGate devices, resulting in the deployment of COATHANGER malware for persistent remote access. The Dutch Military Intelligence and Security Service confirmed the breach, marking the first public attribution of a cyber espionage …

Chinese Coathanger malware hung out to dry by Dutch defense department

February 6, 2024 at 12:17PM Dutch authorities have attributed an attempted cyberattack on the Ministry of Defense to Chinese state-sponsored hackers, uncovering a previously unseen malware named Coathanger. The remote access trojan was specifically designed to target Fortinet’s FortiGate firewalls and was difficult to detect using traditional methods. The attackers’ wide and opportunistic scans exploited …

Combined Security Practices Changing the Game for Risk Management

February 5, 2024 at 06:27AM The current challenge in cyber security lies in the lack of effective risk management platforms, leading to alert fatigue and unmitigated risks. Combining NIST, MITRE, and NCSC frameworks offers a solution to mitigate these risks and enable proactive threat response. The SHQ Response Platform incorporates these frameworks to simplify risk …

GCHQ’s NCSC warns of ‘realistic possibility’ AI will help state-backed malware evade detection

January 24, 2024 at 01:34AM The UK National Cyber Security Centre (NCSC) suggests that by 2025, AI could significantly enhance attackers’ tools, making malware harder to detect and enabling quicker identification of valuable data for extortion. The report warns of increased cyber attacks, predicts AI’s widespread use by cyber criminals, and emphasizes the need to …