Jan 25, 2024 | Newsroom | Cyber Attack / Data Breach: Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise’s (HPE) cloud email environment to exfiltrate mailbox data. “The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our […]
Researchers have found strong links between the 3AM ransomware and the Conti syndicate through analysis of their infrastructure, communication channels, and attack tactics.
Cybercriminals are exploiting Twitter ads to promote cryptocurrency scams. These scams include links to Telegram channels promoting pump and dumps, phishing pages, and sites hosting malicious scripts that steal assets from connected wallets.
The group behind a sophisticated remote access Trojan, SilverRAT, has links to both Turkey and Syria and plans to release an updated version of the tool to allow control over compromised Windows systems and Android devices. According to a threat analysis published on Jan. 3, SilverRAT v1 — which currently works only on Windows systems […]
A group with links to Iran has been conducting watering-hole attacks against Israeli transportation, logistics, and technology sectors over the last two years, an investigation has uncovered. According to research by CrowdStrike released today, the cyber-espionage attacks were conducted by a state-sponsored advanced persistent threat (APT) named “Imperial Kitten” (aka Yellow Liderc, Tortoiseshell, TA456, and […]
Nov 10, 2023 | Newsroom | Cyber Attack / Cyber Threat: A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks […]
Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely and expose an organization’s employees, customers or partners […]
Some packages exfiltrate data via webhooks or file-sharing links, while others scan for sensitive files and directories. Users are advised to be cautious and watch for suspicious install scripts.