New APT Group ‘Lotus Bane’ Behind Recent Attacks on Vietnam’s Financial Entities

March 6, 2024 at 02:15AM A new cyber attack targeting a financial entity in Vietnam was linked to Lotus Bane, an advanced persistent threat group with methods overlapping those of OceanLotus. This suggests possible connections with or inspirations from OceanLotus, though the different target industries indicate potential differences. Financial organizations worldwide have been targeted by …

Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities

March 1, 2024 at 02:33AM The Five Eyes intelligence alliance issued a cybersecurity advisory warning about cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways. They cautioned that the Integrity Checker Tool may provide a false sense of security, allowing threat actors root-level persistence despite factory resets. Ivanti …

How to Prioritize Cybersecurity Spending: A Risk-Based Strategy for the Highest ROI

February 29, 2024 at 07:09AM Staying ahead in cybersecurity is crucial for IT leaders in protecting organizations. The article discusses the impact of data breaches, increasing cybersecurity spending, and maximizing cybersecurity resources. It highlights the importance of a risk-based approach, focusing on external attack surfaces, end-user credentials, vulnerability remediation, and threat intelligence to optimize …

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

February 29, 2024 at 01:27AM China-linked cyber espionage clusters UNC5325 and UNC3886 have exploited security flaws in Ivanti Connect Secure VPN appliances. They delivered new malware, maintained persistent access, and leveraged zero-day flaws to deploy implants targeting defense, technology, and telecommunication organizations in the U.S. and Asia-Pacific. Volt Typhoon and UTA0178 were also attributed to …

‘Savvy Seahorse’ Hackers Debut Novel DNS CNAME Trick

February 28, 2024 at 09:07AM A new threat actor executes an innovative investment scam through a sophisticated traffic distribution system (TDS), leveraging the DNS to sustain ever-changing malicious domains. The scam impersonates major brands, luring victims through multilingual Facebook ads. The TDS, supported by CNAME records, provides resilience and evasion against takedowns, posing a significant …

From Alert to Action: How to Speed Up Your SOC Investigations

February 27, 2024 at 06:15AM Security Operations Center (SOC) professionals rely on processing alerts swiftly. Threat intelligence platforms, such as ANY.RUN’s Threat Intelligence Lookup, facilitate SOC investigations by providing access to threat data and enhancing threat analysis. These platforms offer deeper visibility into threats, faster alert investigations, proactive threat hunting, and support for informed decision-making. From …

Five Eyes Agencies Expose APT29’s Evolving Cloud Attack Tactics

February 27, 2024 at 05:45AM Cybersecurity and intelligence agencies from the Five Eyes nations have issued a joint advisory on the evolving tactics of the Russian state-sponsored threat actor APT29, also known by several aliases. The advisory details the group’s affiliation with the SVR and their targeting of organizations through cloud-based infrastructure and techniques such …

From Open Source to Enterprise Ready: 4 Pillars to Meet Your Security Requirements

February 26, 2024 at 10:58AM Open-source security tools are valuable for exploring practice areas and associated technologies, but deploying them for enterprise security needs can lead to a higher Total Cost of Ownership (TCO) than enterprise-ready solutions. Scaling, performance, management, and support challenges make it crucial to prioritize enterprise-ready solutions for production environments, especially in threat …

LockBit Ransomware Gang Resurfaces With New Site

February 26, 2024 at 08:51AM The LockBit ransomware operators faced law enforcement disruption, seizure of servers, and the arrest of individuals. Authorities obtained decryption keys and offered rewards. LockBitSupp launched a new leak site, attributing the takedown to a PHP flaw and announcing improvements. LockBit faced decline and struggled to attract affiliates. The true masterminds behind …

Palo Alto Networks Launches Cortex Platform Offer

February 23, 2024 at 03:52PM Palo Alto Networks introduces a new Cortex platform offer for endpoint security, helping organizations upgrade their protection against cyberthreats. This offer includes a “no-cost” period and professional services for a smooth transition to Cortex XDR. The platform is recognized for its effectiveness in identifying and addressing threats. The limited-time offer …