How to Identify a Cyber Adversary: Standards of Proof
COMMENTARYPart one of a two-part article.In cybersecurity, attribution refers to identifying an adversary (not just the persona) likely responsible for malicious activity. It is typically derived from collating many...
BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks
Mar 11, 2024NewsroomRansomware / Vulnerability
The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks.
According to a new...
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability
Mar 08, 2024NewsroomVulnerability / Threat Intelligence
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited...
Russia-Sponsored Cyberattackers Infiltrate Microsoft’s Code Base
The Russian state-sponsored advanced persistent threat (APT) group known as Midnight Blizzard has nabbed Microsoft source code after accessing internal repositories and systems, as part of an ongoing series...
Hacked WordPress Sites Abusing Visitors’ Browsers for Distributed Brute-Force Attacks
Mar 07, 2024NewsroomVulnerability / Web Security
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal.
The attacks, which take the form...
Linux Variants of Bifrost Trojan Evade Detection via Typosquatting
A 20-year-old Trojan resurfaced recently with new variants that target Linux and impersonate a trusted hosted domain to evade detection.Researchers from Palo Alto Networks spotted a new Linux variant...
Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker.
"TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks...
Exit Scam: BlackCat Ransomware Group Vanishes After $22 Million Payout
Mar 06, 2024NewsroomCyber Crime / Ransomware
The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law...
Spoofed Zoom, Google & Skype Meetings Spread Corporate RATs
A threat actor is creating fake Skype, Google Meet, and Zoom meetings, mimicking these popular collaboration applications to spread various commodity malware that can steal sensitive data from both...
GhostLocker 2.0 Haunts Businesses Across Middle East, Africa & Asia
Cybercriminals have developed an enhanced version of the infamous GhostLocker ransomware that they are deploying in attacks across the Middle East, Africa, and Asia.Two ransomware groups, GhostSec and Stormous,...