Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
By:
Mar 23, 2023Ravie LakshmananCritical Infrastructure Security
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023.
The intrusion set...
Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials
By:
The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021.
The activity targeted Polish...
Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency
By:
Mar 16, 2023Ravie LakshmananCyber Attack / Vulnerability
Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an unnamed federal...
Does Your Help Desk Know Who’s Calling?
By:
Mar 09, 2023The Hacker NewsPassword Security / Enterprise Security
Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early...
Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments
By:
Mar 08, 2023Ravie LakshmananAdvanced Persistent Threat
High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp...
Chinese Hackers Targeting European Entities with New MQsTTang Backdoor
By:
Mar 03, 2023Ravie LakshmananThreat Intelligence / Cyber Attack
The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an ongoing...
Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
By:
Mar 01, 2023Ravie LakshmananThreat Intelligence / Malware
Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates...
CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
By:
Feb 28, 2023Ravie LakshmananSoftware Security / Cyber Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known Exploited...
New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises
By:
Feb 28, 2023Ravie LakshmananRansomware / Malware
A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within enterprise networks while...
New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East
By:
Feb 16, 2023Ravie LakshmananCloud Security / Cyber Threat
Telecommunication service providers in the Middle East are being targeted by a previously undocumented threat actor as part of a suspected...