Cybersecurity

Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw

Apr 27, 2024NewsroomCyber Attack / Malware Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw in Microsoft Office to deliver Cobalt Strike on compromised systems. The attack chain, which took place at the end of 2023 according to Deep Instinct, employs a PowerPoint slideshow file (“signal-2023-12-20-160512.ppsx”) […]

Cybersecurity

Uncorking Old Wine: Zero-Day from 2017 + Cobalt Strike Loader in Unholy Alliance

Executive Summary The Deep Instinct Threat Lab discovered a suspected targeted operation against Ukraine The operation is using CVE-2017-8570 as the initial vector The operation could not be attributed to any known threat actor The operation used a custom loader for Cobalt Strike Beacon Deep Instinct is detecting all stages of the attack Campaign Overview […]

Cybersecurity

Blackjack group used ICS malware Fuxnet against Russian targets

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets Pierluigi Paganini April 15, 2024 The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Industrial and enterprise IoT cybersecurity firm Claroty reported that the Ukrainian Blackjack hacking group claims to have damaged emergency detection and response capabilities […]

Cybersecurity

DarkBeatC2: The Latest MuddyWater Attack Framework

During the “Swords of Iron War” against Hamas terrorists, Iranian threat actors increased the intensity of their “hack and leak” fake hacktivist operations against Israeli companies in the private sector. This blog post highlights some of the recent attacks conducted and provides an analysis of “DarkBeatC2,” the latest C2 framework in MuddyWater’s arsenal. Executive Summary […]

Cybersecurity

Google Sues App Developers Over Fake Crypto Investment App Scam

Apr 08, 2024NewsroomInvestment Scam / Mobile Security Google has filed a lawsuit against two app developers for engaging in an “international online consumer investment fraud scheme” that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of promising higher returns. The individuals […]

Cybersecurity

U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation

The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong […]

Cybersecurity

The effects of law enforcement takedowns on the ransomware landscape – Help Net Security

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation as the primary method of delivering the malware. The switch is obvious to Symantec’s Threat Hunter […]

Cybersecurity

Lithuania warns China has ramped up espionage campaigns

China has escalated its intelligence сampaigns against Lithuania, recruiting local spies and using cyber tools to gather information on the country’s internal affairs and foreign policy, according to a new report released by Lithuanian security services. Their activity in the country’s cyberspace has especially increased since 2021 when Lithuania announced the opening of the Taiwanese […]