Espionage actors are continuing to mount attacks on critical national infrastructure (CNI) targets, a trend that has become a source of concern for governments and CNI organizations worldwide. Symantec’s Threat Hunter Team has found evidence that a threat actor group Symantec calls Redfly used the ShadowPad Trojan to compromise a national grid in an Asian […]
Software maker Adobe on Tuesday raised an alarm about new in-the-wild zero-day attacks hitting users of its widely deployed Adobe Acrobat and Reader product. As part of its scheduled batch of Patch Tuesday updates, Adobe warned that hackers are exploiting a remotely exploitable vulnerability — CVE-2023-26369 — to launch code execution attacks. Adobe describes the […]
The Canadian Nurses Association (CNA) confirmed that it is working with its members to respond to a leak of sensitive data stolen by a group of hackers earlier this year. A spokesperson for the association, which represents nearly half a million nurses across the country, told Recorded Future News it experienced a security incident on […]
There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about […]
Sep 13, 2023THNRansomware / Malware A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deploy LockBit (aka Bitwise Spider or Syrphid) in the target network. “3AM is written in Rust and appears […]
Ransomware gang BianLian has claimed responsibility for a cyber attack against nonprofit Save The Children International. The ransomware gang has been active since June 2022, and primarily targets critical infrastructure and healthcare organizations. In previous attacks, BianLian has extorted these organziations for their data. While the charity was not directly named by the ransomware gang, […]
Sep 13, 2023THNCyber Attack / Malware Microsoft is warning of a new phishing campaign undertaken by an initial access broker that involves using Teams messages as lures to infiltrate corporate networks. The tech giant’s Threat Intelligence team is tracking the cluster under the name Storm-0324, which is also known by the monikers TA543 and Sagrid. […]
Sep 13, 2023THNEndpoint Security / Zero Day Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been actively exploited by malicious cyber actors. Of the 59 vulnerabilities, five are rated Critical, 55 are rated Important, and one is rated Moderate in severity. The update is […]
Sep 13, 2023THNVulnerability / Zero Day Adobe’s Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems. The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the CVSS scoring system […]