The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a joint advisory on Wednesday that stated that the Chinese state-sponsored Volt Typhoon hacking group retains persistent …
JumpCloud Cyberattack Linked to North Korean Hackers
Cybersecurity company SentinelOne has attributed the recent JumpCloud cyberattack to North Korean advanced persistent threat (APT) actors. JumpCloud stated that a spear-phishing email campaign …
Chinese spies breached hundreds of public, private networks, security firm says
Mandiant stated on Thursday that they have "high confidence" that the Chinese-backed group UNC4841 is behind the exploitation of Barracuda Networks' Email Security Gateway. Starting in October 2022, …
Microsoft Catches Chinese .Gov Hackers Targeting US Critical Infrastructure
Microsoft detected Chinese state-backed hackers implementing cyberespionage malware in Guam. The small U.S. territory hosts a large military presence and is key to U.S. strategic depth in the Pacific. …
China ‘Innovated’ Its Cyberattack Tradecraft, Mandia Says
Last year more than a dozen Fortinet FortiGate firewalls crashed and failed to properly reboot at a defense industry organization. This was the first sign that intruders had deeply infiltrated the …
Malware is Proliferating, but Defenses are Stronger: Mandiant
Threat groups are on the rise, and Google Cloud’s cyber defense unit Mandiant is tracking 3,500 of them. Mandiant’s M-Trends 2023 report found organizations faced intrusions by advanced groups, which …
Self-Replicating Malware Used by Chinese Cyberspies Spreads via USB Drives
Cyber espionage group UNC4191 has been observed leveraging self-replicating malware spread via USB drives to infect entities in Southeast Asia, Asia-Pacific, Europe, and the US. According to security …
This old malware has been rebuilt with new features to use in ransomware attacks
Security company Mandiant has discovered that a new variant of the Ursnif malware, also known as Gozi, has been repurposed into a backdoor trojan that has been described as very dangerous. The backdoor …
Evil Corp hackers evolve ransomware tactics to dodge US sanctions
The Russia-based cybercriminal group known as Evil Corp has shifted to a ransomware-as-a-service model in an effort to skirt U.S. sanctions, according to research from cybersecurity firm Mandiant. The …
Cyberattacks and misinformation activity against Ukraine continues say security researchers
The cyber offensive against Ukraine continues with malware attacks and the spread of misinformation, according to security researchers. So far, Russian, pro-Russian, and Belarusian cyberattackers have …