Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard

October 4, 2024 at 03:49PM The US Department of Justice and Microsoft collaborated to take down over 100 domains linked to the Russian hacker group Star Blizzard, known for targeting journalists, non-governmental organizations, and Russia experts. This action aims to disrupt their cyber activities and protect against potential election interference. However, experts anticipate continued threats …

Russian Security Firm Doctor Web Hacked

September 18, 2024 at 06:06AM Russian antimalware company Doctor Web detected and prevented a cyberattack targeting its resources on September 14. The firm disconnected its resources to check for compromise, temporarily suspending its virus databases. Despite the attack, no Dr.Web users were affected. The company had been monitoring the attacker’s movements and has brought its …

RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations

June 24, 2024 at 04:24AM Between November 2023 and April 2024, a China-linked state-sponsored threat actor named RedJuliett conducted a cyber espionage campaign targeting government, academic, and diplomatic organizations in Taiwan. They utilized various techniques, including deploying web shells and exploiting vulnerabilities, with a focus on collecting intelligence related to Taiwan’s economic policy and diplomatic …

Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms

April 24, 2024 at 02:09PM Cisco issued a warning about professional, nation state-backed hackers exploiting two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks. The campaign, known as ArcaneDoor, aims to exploit software defects in Cisco products, potentially exfiltrate data, and execute commands. Cisco recommended ensuring proper …

ArcaneDoor hackers exploit Cisco zero-days to breach govt networks

April 24, 2024 at 01:10PM Cisco warns of state-backed hacking involving zero-day vulnerabilities in ASA and FTD firewalls used to infiltrate government networks globally. The cyber-espionage campaign, known as ArcaneDoor, targeted vulnerable edge devices since November 2023. Cisco discovered and fixed two zero-days – CVE-2024-20353 and CVE-2024-20359 – and urges customers to upgrade their devices …

Russian hackers stole Microsoft corporate emails in month-long breach

January 19, 2024 at 07:23PM Microsoft disclosed a breach in corporate email accounts, with data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The attack was detected on January 12th, and it was found that Nobelium accessed the accounts through a password spray attack in November 2023. The investigation is ongoing, and Microsoft is …

Fancy Bear goes phishing in US, European high-value networks

December 5, 2023 at 07:22PM Fancy Bear, a Russian cyber-spy group, has been targeting US and European agencies using patched Outlook and WinRAR flaws for phishing campaigns. Microsoft and Polish Cyber Command observed unauthorized access to high-value email accounts. Over 10,000 emails were used to exploit the vulnerabilities. Proofpoint expects continued exploitation of unpatched systems …

Japan’s Space Program at Risk After Microsoft Active Directory Breach

December 1, 2023 at 02:22PM Japan’s space agency, JAXA, suffered a cyberattack this past summer through a Microsoft Active Directory breach, potentially exposing sensitive data. Nation-state hackers are suspected given past incidents involving Chinese military hackers. JAXA is investigating the breach’s scope and has partially shut down its network.