Cyber espionage group Cloud Atlas has been training its sights on critical infrastructure operators in countries suffering from political conflict since its discovery in 2014. Aptly nicknamed "Inception," the group's tactic of going after nations with bigger problems than cybersecurity seems to be working, as evidenced by successful intrusions over the years.
As far back as September 2022, Trend Micro reported that threat actors began exploiting chat apps Comm100 and LiveHelp100 to launch supply chain attacks. In a bid to help potential targets curb the problem, they publicized nine indicators of compromise (IoCs), specifically command-and-control (C&C) server addresses.
As a New Year treat, Threat Intelligence Platform (TIP) researchers decided to look back at some of the most newsworthy cybersecurity incidents in 2022: the Revolut Data Breach, the series of attacks launched by Lapsus$, and a newly detected PayPal phishing tactic.
Earlier this month, ReversingLabs published a report on the current state of software supply chain security. They stated that the volume of such attacks using npm and PyPI code has increased by a combined 289% in the past four years. The research also cited two npm attacks as evidence: IconBurst and Material Tailwind.
Stealth is a typical goal for most threat actors when launching malware and other attacks. The better hidden a malware is, the more effective an attack becomes. And that is what fast-rising data stealer Aurora is gaining notoriety for.
Like in many countries, Australia has been experiencing an increase in cybersecurity incidents. The Australian Cyber Security Centre (ACSC) received over 76,000 cybercrime reports during the 2021–2022 financial year, an increase of nearly 13% from the previous year.
SecurityScorecard published a report on a cyber attack that a U.S. county victim announced on 11 September 2022. With ransomware attacks against local government units increasing in the past few years, WhoisXML API researchers decided to build on the list of IP addresses related to the attacks.
Did you know that a Magniber ransomware infection can cost you a ransom of as much as US$2,500? The operators' favored method of delivery? Fake Windows 10 updates, putting 80% of all Windows operating system (OS) users worldwide at risk. The campaign, believed to have begun in April this year, remains a threat. Are Windows 10 users the only ones at risk, though?
The Syrian Electronic Army (SEA) is a group of threat actors that has been around since 2011. Some of their possible victims are PayPal, eBay, Twitter, media outlets, and some U.S. government websites.
In 2018, nine Mabna hackers were indicted by a U.S. grand jury for their involvement in different instances of cybercrime. Their victims included about 320 universities and over 50 private, government, and nongovernmental organizations in several countries.