Microsoft: Multiple Perforce Server Flaws Allow for Network Takeover

December 19, 2023 at 01:20PM Microsoft identified four critical vulnerabilities in the Perforce source-code management platform, allowing attackers to access a highly privileged Windows OS account, enabling remote code execution and supply chain attacks. The flaws can lead to various malicious activities, including denial-of-service attacks. Perforce has issued a patch (version 2023.1/2513900) to address these …

Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts

December 19, 2023 at 08:39AM Threat actors are using GitHub for malicious activities, including hosting malware and delivering malicious commands via secret Gists and git commit messages. The use of legitimate public services allows threat actors to bypass detection tools. These novel methods can blend malicious traffic with genuine communications, making it harder to detect …

Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

December 19, 2023 at 01:03AM The Play ransomware group has impacted around 300 entities and is using a double-extortion model to attack businesses and critical infrastructure globally. Ransomware attacks are increasingly exploiting vulnerabilities, leading to a rise in ransomware-as-a-service operations. The ransomware landscape continues to evolve, with emerging groups and collaboration among cybercriminals. Key takeaways …

Iran-Linked ‘OilRig’ Cyberattackers Target Israel’s Critical Infrastructure, Over & Over

December 14, 2023 at 11:28AM Iranian APT group OilRig has targeted Israeli organizations in 2022 through cyberattacks leveraging custom downloaders. These downloaders, using legitimate Microsoft cloud services, facilitated command-and-control communications and data exfiltration. ESET researchers warned that OilRig’s continuous development of new variants makes them a formidable threat, specializing in cyber espionage primarily in the …

Tips for Modernizing SecOps Teams

December 14, 2023 at 08:48AM The security operations center serves as the first line of defense against active attacks, but is often underfunded and understaffed. Dark Reading’s special report “Key Elements Enterprises Needs to Include in Modern SecOps” details the challenges facing modern enterprise security operations centers and suggests strategies for investing in tools, automation, …

Microsoft Takes Legal Action to Crack Down on Storm-1152’s Cybercrime Network

December 14, 2023 at 01:12AM Microsoft obtained a court order to seize infrastructure set up by cybercriminal group Storm-1152, which sold approximately 750 million fraudulent Microsoft accounts and tools to other criminal actors, netting millions of dollars. This cybercrime-as-a-service operation facilitated mass phishing, identity theft, DDoS attacks, ransomware, and fraud. The group was attributed to …

Convincing LinkedIn ‘Profiles’ Target Saudi Workers for Information Leakage

December 11, 2023 at 04:30PM Cyber attackers used hundreds of convincing fake profiles on LinkedIn to target professionals in Saudi Arabia for financial fraud and obtaining sensitive corporate information. Researchers uncovered nearly a thousand fake profiles, which, due to the platform’s extensive data, were difficult to distinguish from real accounts. LinkedIn’s popularity among cyber attackers …

Microsoft: Mystery Group Targeting Telcos Linked to Chinese APTs

December 11, 2023 at 11:08AM Researchers have linked the Sandman threat group, known for cyberattacks on telecom providers, to a growing network of Chinese government-backed advanced persistent threat (APT) groups. This assessment by Microsoft, SentinelLabs, and PwC reveals shared practices and overlaps in malware development, emphasizing the need for collaboration within the cybersecurity community. From …

ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related

December 11, 2023 at 10:17AM A Dark Web leak site operated by the ransomware group ALPHV/BlackCat was taken offline by law enforcement action on Dec. 7, confirmed by threat intelligence experts. BlackCat/ALPHV has listed over 650 companies on its site since November 2021. Law enforcement scrutiny has increased due to cyberattacks by BlackCat/ALPHV affiliates like …

Researchers Unmask Sandman APT’s Hidden Link to China-Based KEYPLUG Backdoor

December 11, 2023 at 09:12AM The enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster are found to share tactical and targeting overlaps, utilizing a backdoor known as KEYPLUG. The assessment from SentinelOne, PwC, and Microsoft reveals shared infrastructure control, management practices, and design, suggesting joint functionalities. Alongside, the use of Lua-based …