Fighting Third-Party Risk With Threat Intelligence

July 24, 2024 at 05:58PM The global supply chain network has increased organizations’ interconnectedness, posing a higher risk of data breaches and security incidents involving third-party vendors. Research shows 98% of organizations have experienced third-party cybersecurity breaches in the past two years. Investments in third-party risk management programs are rising, with a focus on using …

CrowdStrike Blames Crash on Buggy Security Content Update

July 24, 2024 at 10:36AM CrowdStrike’s faulty security content configuration update for its Falcon sensor caused a global incident last Friday, impacting global IT teams and disrupting business continuity. The update, designed to provide new security content to its software, triggered a Windows operating system crash. CrowdStrike released a preliminary Post Incident Review, apologized for …

Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool

July 24, 2024 at 06:36AM Patchwork, a threat actor linked to cyber attacks targeting entities connected to Bhutan, has utilized the Brute Ratel C4 framework and an updated backdoor, PGoShell. Known as APT-C-09, the state-sponsored actor has a history of conducting spear-phishing and watering hole attacks against China and Pakistan. Additionally, Patchwork has employed romance-themed …

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers

July 24, 2024 at 03:04AM A Microsoft Defender SmartScreen security flaw, CVE-2024-21412, was exploited in a campaign targeting Spain, Thailand, and the U.S. to deliver ACR Stealer, Lumma, and Meduza. Attackers use booby-trapped files to drop malicious payloads, bypassing SmartScreen protection. This highlights the ongoing threat of information stealers and the need for vigilance in …

Kaspersky Is an Unacceptable Risk Threatening the Nation’s Cyber Defense

July 22, 2024 at 10:13AM The US federal government has announced a ban on Kaspersky software due to cybersecurity threats and its association with Russia, reinforcing concerns over foreign software supply chain threats. Geopolitical tensions are impacting cybersecurity, requiring organizations to consider these implications in their cybersecurity strategies and collaborate for proactive threat intelligence to …

Safeguard Personal and Corporate Identities with Identity Intelligence

July 19, 2024 at 07:18AM Learn from Cybersixgill’s threat experts about critical underground activities and the threat actors behind them impacting organizations. Discover the crucial need for identity intelligence to mitigate risks stemming from compromised credentials and accounts in the ever-evolving cyber threat landscape. Enhance security with machine learning and AI to proactively identify and …

APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K.

July 19, 2024 at 04:33AM Summary: Global shipping, logistics, media, technology, and automotive organizations in various countries are targeted by the China-based APT41 hacking group, using web shells, custom droppers, and publicly available tools for unauthorized access and data exfiltration. Meanwhile, another threat group, GhostEmperor, is using a variant of the Demodex rootkit in a cyber …

Using Threat Intelligence to Predict Potential Ransomware Attacks

July 18, 2024 at 04:03PM Ransomware Awareness Month in July raises awareness of ransomware as a top cyber threat. The recent attacks on CDK Global by the BlackSuit group demonstrate the severity, impacting 15,000 auto retailers. There’s been a 29% increase in ransomware attacks in Q1 2024, emphasizing the urgency for organizations to prioritize good …

China-linked APT17 Targets Italian Companies with 9002 RAT Malware

July 17, 2024 at 05:06AM APT17, a China-linked threat actor, targeted Italian companies and government entities using a variant of known malware, 9002 RAT. Two attacks occurred on June 24 and July 2, 2024, leveraging spear-phishing lures to prompt victims to download an MSI installer for Skype for Business, which triggered the execution of 9002 …

Scattered Spider’s fave new ransomware tools are RansomHub and Qilin

July 16, 2024 at 02:15PM The Scattered Spider cybercrime group, also known as Octo Tempest, is now utilizing RansomHub and Qilin ransomware variants in its attacks. This showcases a potential power shift among hacking groups. Microsoft has identified Scattered Spider as a sophisticated and threatening group, accounting for a significant portion of its investigations. Additionally, …