Law Enforcement Reportedly Behind Takedown of BlackCat/Alphv Ransomware Website

December 11, 2023 at 05:54AM The BlackCat and Alphv ransomware group’s leak website has been offline for days, believed to be taken down by law enforcement. RedSense reports confirmation by BlackCat’s affiliates and other top-tier groups. The cybercriminals expect a restoration soon, with limited impact on their operation. BlackCat has been active and listed major …

ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related

December 8, 2023 at 08:10PM The Dark Web leak site operated by the ransomware group ALPHV/BlackCat was taken offline on Dec. 7, possibly due to law enforcement action. RedSense Intelligence confirmed the takedown on social media, but its verification is pending. The group has targeted over 650 companies. Law enforcement is under scrutiny for not …

Russian APT Used Zero-Click Outlook Exploit

December 8, 2023 at 10:18AM Russian threat actor APT28 is exploiting a no-interaction Outlook vulnerability in attacks across 14 countries. This was reported on SecurityWeek.

Cybersixgill Announces Identity Intelligence Module for Threat Analysis

December 7, 2023 at 06:23PM Cybersixgill has launched new features for its cyber threat intelligence platform, including an Identity Intelligence module for compromised account monitoring, an improved Alerts page for faster threat response, and OSV Support for open-source vulnerability awareness. These tools aim to enhance threat detection, decision-making, and pre-emptive action to protect against cyber-attacks. …

Integrated DFIR Tool Can Simplify and Accelerate Cyber Forensics

December 7, 2023 at 02:11PM Trend Vision One™ – Forensics, integrated into the Trend Vision One platform, transforms cyber forensics for organizations like the City of Columbia and Trend’s global IR teams by streamlining evidence collection, improving response times, and enhancing global collaboration, ultimately bolstering cybersecurity efforts and operational efficiency.

US and EU infosec authorities pen intel-sharing pact

December 7, 2023 at 01:31PM CISA and ENISA, US and EU cybersecurity agencies, will enhance collaboration by sharing threat intelligence, best practices, and legislative approaches to improve cyber defenses. This agreement includes cybersecurity training and awareness programs. Additionally, the EU progresses with the Cyber Solidarity Act, aiming for stronger cyberattack response coordination across member states. …

Krasue RAT Uses Cross-Kernel Linux Rootkit to Attack Telecoms

December 7, 2023 at 12:52PM Krasue, an undetected Linux RAT used for nearly two years to infiltrate Thai organizations, employs stealth through a rootkit supporting various Linux kernels, obscuring its presence and communications. Created by the XorDdos authors, it aims to maintain system access and likely spreads through vulnerability exploitation or credential brute-forcing. Group-IB suggests …

Krasue RAT malware hides on Linux servers using embedded rootkits

December 7, 2023 at 09:31AM Security experts found a previously undetected malware named Krasue, targeting Linux systems in Thai telecoms since 2021. Krasue includes seven rootkit variants, based on open-source code, to remain undetected and ensure persistent access, possibly through botnets. Its origin is unknown, but it shares similarities with XorDdos malware. Group-IB provided detection …

Modern Attack Surface Management for CISOs

December 7, 2023 at 04:22AM Modern Attack Surface Management (ASM) is essential for CISOs as traditional methods can’t keep up with evolving digital threats and cloud-based environments. Modern ASM solutions should offer continuous, real-time discovery and contextual risk assessments across all environments. Trend Vision One™ provides comprehensive, automated ASM with total visibility, prioritization, and remediation …

UK Cyber CTO: Vendors’ Security Failings Are Rampant

December 6, 2023 at 02:48PM At the Black Hat Europe 2023 event, Ollie Whitehouse of the NCSC stated that current cybersecurity is inadequate to counter advanced threats. He criticized security vendors for creating closed ecosystems with up-charges for better security and lacking transparency, especially regarding SaaS vulnerabilities. He advocated for basic security improvements and greater …