Making Sense of Operational Technology Attacks: The Past, Present, and Future
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT...
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called...
E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials
Mar 19, 2024 | Newsroom | Threat Intel / Cybercrime
A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that...
LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
Mar 14, 2024 | Newsroom | Ransomware / Cyber Crime
A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation.
Mikhail...
How to Identify a Cyber Adversary: What to Look For
Cyber-incident attribution gets a lot of attention, for good reasons. Identifying the actor(s) behind an attack enables taking legal or political action against the adversary and helps cybersecurity researchers...
How to Identify a Cyber Adversary: Standards of Proof
COMMENTARY: Part one of a two-part article. In cybersecurity, attribution refers to identifying an adversary (not just the persona) likely responsible for malicious activity. It is typically derived from collating many...
BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks
Mar 11, 2024 | Newsroom | Ransomware / Vulnerability
The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks.
According to a new...
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability
Mar 08, 2024 | Newsroom | Vulnerability / Threat Intelligence
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited...
Russia-Sponsored Cyberattackers Infiltrate Microsoft’s Code Base
The Russian state-sponsored advanced persistent threat (APT) group known as Midnight Blizzard has nabbed Microsoft source code after accessing internal repositories and systems, as part of an ongoing series...
Hacked WordPress Sites Abusing Visitors’ Browsers for Distributed Brute-Force Attacks
Mar 07, 2024 | Newsroom | Vulnerability / Web Security
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal.
The attacks, which take the form...