Sep 22, 2023THNCyber Attack / Malware Israeli organizations were targeted as part of two different campaigns orchestrated by the Iranian nation-state actor known as OilRig in 2021 and 2022. The campaigns, dubbed Outer Space and Juicy Mix, entailed the use of two previously documented first-stage backdoors called Solar and Mango, which were deployed to collect […]
Sep 20, 2023THNMalware Attack / Cyber Threat Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families such as Sainbox RAT, Purple Fox, and a new trojan called ValleyRAT. “Campaigns include Chinese-language lures and malware typically associated with Chinese cybercrime activity,” enterprise security firm Proofpoint […]
Sep 19, 2023THNCyber Attack / Threat Intel Targets located in Azerbaijan have been singled out as part of a new campaign that’s designed to deploy Rust-based malware on compromised systems. Cybersecurity firm Deep Instinct is tracking the operation under the name Operation Rusty Flag. It has not been associated with any known threat actor or […]
Sep 18, 2023The Hacker NewsIdentity Threat / Attack Surface When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out not to be the case. A new report, produced by Osterman Research and commissioned by Silverfort, reveals that MFA (Multi-Factor Authentication) and PAM (Privileged Access Management) […]
Trucking and fleet management solutions provider ORBCOMM has confirmed that a ransomware attack is behind recent service outages preventing trucking companies from managing their fleets.
Multiple prominent government ministries in Colombia are responding to a ransomware attack that is forcing officials to make significant operational changes. This week, the Ministry of Health and Social Protection, the country’s Judiciary Branch and the Superintendency of Industry and Commerce announced that a cyberattack on technology provider IFX Networks Colombia had caused a range […]
Sep 18, 2023THNCyber Attack / Data Breach Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted and SMS-based social engineering attack. The San Francisco-based firm blamed a Google Account cloud synchronization feature recently introduced in April 2023 for making the breach worse, calling it […]
A ransomware attack on a third-party supplier has compromised the personal details of thousands of officers with Greater Manchester Police (GMP) in North West England. Although neither financial information nor home addresses were exposed in the incident according to GMP, the risk of officers’ personal details being obtained by organized crime groups — including those […]
Sep 15, 2023THNCyber Attack / Password Security Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal. The tech giant, which is tracking the activity under the name Peach Sandstorm (formerly Holmium), said the adversary pursued organizations in the satellite, defense, […]