Tag: CLOUD

Iran and Russia deepen cyber ties with new agreement
Summary: A recent agreement between Iran and Russia aims to enhance military, security, and technological cooperation, particularly in cybersecurity and internet regulation. The deal, signed by leaders of both nations, seeks to formalize their close ties and establish stronger control over the digital space. Both countries, known for their restrictive internet policies, plan to collaborate on countering cybercrime and managing national internet segments.…
Read More

Victim: ilemgroup.com Country : US Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/823476cb-66c0-4a28-9ae7-021ef226cd7a/ Discovered: 2025-01-22 14:48:02.057309 Published: 2025-01-22 14:46:52.636515 Description : Technology company specializing in IT solutions Main areas: IT system integration, software development, data management, cloud services, and cybersecurity Based in Switzerland and Morocco Helps businesses improve through innovative technological strategies Offers digital transformation and tech consultancy services Focus on quality and efficiency

About Country: United States

– Cybersecurity Framework: The US has developed a comprehensive cybersecurity framework led by the National Institute of Standards and Technology (NIST), which helps organizations manage and reduce cybersecurity risk.…

Read More
Trump administration removes private sector leaders from all DHS panels, including CSRB
Summary: The Trump administration has removed private sector members from all Department of Homeland Security (DHS) committees, including the Cyber Safety Review Board (CSRB), in a move aimed at prioritizing national security. This decision comes as the CSRB investigates the Salt Typhoon hacks, attributed to Chinese-linked attackers, which have affected multiple telecommunications companies.…
Read More
Cyber Insights 2025: APIs – The Threat Continues
Summary: SecurityWeek’s Cyber Insights 2025 highlights expert predictions regarding the increasing vulnerabilities associated with APIs as their usage expands. As organizations adopt more SaaS applications and AI-driven tools, APIs are becoming prime targets for cybercriminals, leading to a significant rise in API-related breaches. Experts emphasize the urgent need for improved API security measures to combat these evolving threats.…
Read More
Hidden Threats of Game Assistants | Analysis Report on the “Catlavan” Backdoor Spread in Gaming Forums
As the user base for online gaming grows, so does the gray market for cheats and auxiliary software, which has also led to the spread of malware. A breakthrough in malicious file detection technology by BinaryAI identifies a recent attack targeting users in Russian-based gaming environments, linked to a backdoor named “Catlavan.”…
Read More
Targeted supply chain attack against Chrome browser extensions
This article discusses a supply chain attack on Chrome browser extensions that began in December 2024, where attackers exploited a phishing vulnerability to inject malicious code. This breach compromised a number of extensions, risking sensitive user data including authentication tokens. Investigations revealed the attackers’ sophisticated methods and infrastructure, highlighting the ongoing threats posed by such supply chain vulnerabilities.…
Read More
[Virtual Event]: Cybersecurity’s Most Promising New and Emerging Technologies
Summary: This virtual event will showcase promising new and emerging technologies in cybersecurity, focusing on their adoption and implementation. Attendees will gain insights from leading analysts and experts on advanced techniques for securing cloud-based assets and critical data. The event aims to equip participants with knowledge to defend against persistent cyber threats from both cybercriminals and nation-states.…
Read More
Supercharge Your CTI: AI-Powered IOC Collection with ChatGPT, Inoreader and Google Drive
This article outlines a proof-of-concept for automating the collection and processing of Indicators of Compromise (IOCs) using Inoreader, Google Drive, and OpenAI’s GPT-4. The workflow aims to enhance the efficiency of Cyber Threat Intelligence (CTI), Incident Response (IR), and Security Operations Center (SOC) teams by transforming raw data into actionable insights.…
Read More
Government IT contractor Conduent says ‘third-party compromise’ caused outages
Summary: A cyberattack on Conduent, a government technology contractor, led to significant operational disruptions affecting various state services. The company confirmed a third-party compromise of its operating systems, resulting in delays in processing payments for programs like Medicaid and child support. Although the incident was contained, the extent of the attack and whether data was stolen remains unclear.…
Read More

Summary: The video discusses the top six cybersecurity projects for beginners to enhance their resumes and improve their chances of getting hired in 2025. Each project aims to provide hands-on experience and build technical skills essential for cybersecurity roles.

Keypoints:

Project 1: Securing Azure Active Directory – Learn to manage identities and access in cloud and hybrid environments, including user/group management and Azure AD domain services.…
Read More
TSA chief behind cyber directives for aviation, pipelines and rail ousted by Trump team
Summary: The Transportation Security Administration (TSA) administrator David Pekoske was removed from his position by the Trump administration, despite having been appointed during Trump’s first term and later renewed by President Biden. Pekoske played a significant role in enhancing cybersecurity measures across transportation sectors, particularly following the Colonial Pipeline ransomware attack.…
Read More
Bitbucket services “hard down” due to major worldwide outage
Summary: Atlassian Bitbucket is currently experiencing a significant outage affecting its cloud services, leaving customers unable to access various functionalities. The incident, which has been reported by numerous users, is attributed to a saturated database impacting all operations. Bitbucket is actively investigating the issue and working towards a resolution.…
Read More

Victim: Inaya Clinique Country : DZ Actor: spacebears Source: http://5butbkrljkaorg5maepuca25oma7eiwo6a2rlhvkblb4v6mf3ki2ovid.onion/companies/51/inaya-clinique Discovered: 2025-01-21 15:10:28.545540 Published: 2025-01-21 15:09:18.128806 Description : Clinique Inaya focuses on high-quality, personalized healthcare. Offers a range of specialties including cardiac surgery, gynecology, and general surgery. Provides comprehensive and specialized care to patients. Contains valuable information including databases, reports, and patient details.…
Read More
Hackers impersonate Ukraine’s CERT to trick people into allowing computer access
Summary: Ukrainian researchers have uncovered a cyber campaign where attackers impersonate tech support from CERT-UA to gain unauthorized access to victims’ devices. Utilizing AnyDesk, a legitimate remote desktop software, the intruders claim to conduct “security audits” to exploit trust and authority. The campaign highlights the growing number of cyberattacks targeting Ukraine, with a significant increase in incidents reported over the past year.…
Read More