Yaroslav Vasinskyi, a 24-year-old Ukrainian national and affiliate of the notorious REvil ransomware-as-a-service (RaaS) group, has been sentenced to 13 years and 7 months in prison by a US court.

Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection. This is done to “facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services,” the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.

By automating and personalizing various aspects of the attack process, such as crafting convincing emails and creating realistic phishing pages, threat actors can deceive even the most aware users.

An investigation by Amnesty International’s Security Lab revealed that Indonesia has been procuring powerful and invasive commercial spyware and surveillance products from international vendors, brokers, and resellers.

SaaS applications are dominating the corporate landscape. Their increased use enables organizations to push the boundaries of technology and business. At the same time, these applications also pose a new security risk that security leaders need to address, since the existing security stack does not enable complete control or comprehensive monitoring of their usage.

The scam involved call center workers impersonating the victims’ relatives, claiming they were in legal trouble or had been in an accident, and convincing the victims to send thousands of dollars to help them.

Nation-state threat actors like Sandworm used their own dedicated proxy botnets, while APT group Pawn Storm had access to a criminal proxy botnet of Ubiquiti EdgeRouters.

According to Gartner, 63% of organizations worldwide have fully or partially implemented a zero-trust strategy. For 78% of organizations implementing a zero-trust strategy, this investment represents less than 25% of the overall cybersecurity budget.