intelligence gathering
-
Spear Phishing Attack: Cloud Atlas Targets Russian Agricultural and Scientific Institutions
The notorious cyber-espionage organization Cloud Atlas has recently launched a series of spear phishing attacks targeting Russian agribusiness and state-owned research institutions. The news comes in a report from independent cybersecurity firm F.A.C.C.T., which was formed earlier this year after the former Group-IB team split.
-
Malicious WordPress plugin puts e-commerce sites at risk of credit card theft
Security researchers have discovered a malicious WordPress plugin capable of creating fake administrator accounts and injecting malicious JavaScript code used to steal credit card information. According to cybersecurity companies…
-
Iran's cyber espionage group "MuddyWater" is back, and the Middle East telecommunications industry has become a new hunting ground
The Iranian state-level cyber espionage organization "MuddyWater" has resurfaced and used a new command and control framework called "MuddyC2Go" to launch attacks targeting the telecommunications industries of Egypt, Sudan and Tanzania. Symantec Threat Hunter Team…
-
The Russian Matrix: Revealing the Operations of Wazawaka and its Cyber Extortion Gang
Cybersecurity researchers have revealed the inner workings of a ransomware operation led by Mikhail Pavlovich Matveev, a Russian citizen who was indicted by the U.S. government earlier this year on charges that he engaged in...
-
Crypto wallet Ledger supply chain vulnerability led to the theft of $600,000 in virtual assets
A supply chain attack on crypto hardware wallet manufacturer Ledger resulted in the theft of $600,000 in crypto assets. The attacker gained access to Ledger's npm account through a phishing attack on a former employee and uploaded a malicious version of the Connect Kit module. These malicious versions spread cryptocurrency-stealing malware to other applications that rely on the module, creating software supply chain vulnerabilities.
-
Apple releases security patches: iOS, iPadOS, macOS and other system vulnerability fixes, including important updates for 0day vulnerabilities
Apple has released security patches for iOS, iPadOS, macOS, tvOS, watchOS and the Safari web browser that address multiple security vulnerabilities and retroactively fix two recently disclosed zero-day vulnerabilities for older devices.
-
North Korean hacker group Lazarus Group launches new cyber attack operation
Recently, a global attack campaign launched by the notorious North Korea-linked cyber threat group "Lazarus Group" was disclosed. This operation was named "Operation Blacksmith" and was characterized by exploiting the Log4j vulnerability (CVE-2021-44228, also known as Log4Shell) to deploy a previously unknown remote access Trojan (RAT) on target systems.
-
The rise of ransomware as a service (RaaS): users face more severe threats
In the evolving world of cybersecurity, ransomware attacks have become a serious and widespread threat. Among the different forms of ransomware, a trend called Ransomware-as-a-Service (RaaS) is becoming increasingly prominent. This worrying development changes the cybercrime landscape, enabling individuals with limited technical capabilities to carry out destructive attacks.
-
15,000 Go module repositories on GitHub are vulnerable to hijacking attacks
New research has found that more than 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. "Jacob Baines, CTO of VulnCheck (…
-
North Korean hackers stole $3 billion in cryptocurrency
According to reports, North Korean state-level hacker groups Kimsuky, Lazarus Group and Andariel have stolen approximately $3 billion worth of cryptocurrency in the past six years. The hackers primarily targeted cryptocurrency exchanges, but also targeted individual users and venture capital firms.