Key Points:
– The state-linked intrusion on Microsoft Exchange Online led to the theft of about 60,000 U.S. State Department emails last summer and was preventable.
– Microsoft’s corporate culture deprioritized investments in enterprise security and rigorous risk management.
– The Cyber Safety Review Board urged Microsoft to make security-focused reforms and recommended changes for all cloud services providers and government partners.…


Threat Actor: Server Killers Group
Victim: North Macedonian Government

Key Points:
🌟 Server Killers group initiated a series of cyber attacks targeting North Macedonia.
🌟 They executed Distributed Denial of Service (DDoS) assaults on critical government websites.
🌟 The official portals of the North Macedonian government and parliament were targeted.…

Introduction

In the first quarter of 2024, specialists from Positive Technologies Expert Security Center (PT ESC) detected a series of attacks targeting government organizations in Russia, Belarus, Kazakhstan, Uzbekistan, Kyrgyzstan, Tajikistan, and Armenia. We could not find any links to known groups that used the same techniques. The main goal of the attack was stealing credentials for various services from computers used by public servants.…


Threat Actor: Pharanos Cyber Army (PCA)
Victim: Ukrainian Government-Controlled Systems

Information:
🌟 PCA claims to have successfully breached a system operated by private companies and ISPs within Ukraine.
🌟 The Ukrainian government is allegedly engaging in surveillance of its citizens.
🌟 The Ukrainian government may be utilizing the collected data to target and eliminate individuals, falsely implicating Russia or its allies.…


Summary: Google’s latest research shows a significant increase in zero-day vulnerabilities exploited by attackers in enterprise-specific software and appliances compared to previous years.

Key Points 🛡️:
– The number of found and exploited enterprise-specific technology zero-day vulnerabilities increased by 64% in 2023.
– End-user platforms like Windows, Safari, iOS, and Android were also targeted, with notable investments from vendors like Apple, Google, and Microsoft.…


Threat Actor:
– Unknowns group
– CyberDragon group
– Cyber Army of Russia group

Victim:
– Government of Slovenia
– NLB (largest commercial bank in Slovenia)
– Chamber of Commerce and Industry

Information: – The Unknowns group is believed to be behind the series of disruptive DDoS attacks targeting key state websites in Slovenia.…


Written by: Alden Wahlstrom, David Mainor, Daniel Kapellmann Zafra

In June 2023, Russian businessman Yevgeniy Prigozhin and his private military company (PMC) “Wagner” carried out an armed mutiny within Russia. The events triggered the meteoric political downfall of Prigozhin, raising questions about the future of his various enterprises that were only underscored when he died two months later under suspicious circumstances.…


Article Summary:

🔹 The U.S. military needs a cyber branch to address growing threats in cyberspace.
🔹 A report by the Foundation for Defense of Democracies calls for the establishment of a Cyber Force branch with 10,000 personnel and a $16.5 billion budget.
🔹 The report highlights inefficiencies in the current division of labor between the Army, Navy, Air Force, and Marine Corps in cyber operations.…


Article Summary:
🔹 Russian state-backed hackers likely behind recent attacks on four small Ukrainian internet providers, disrupting operations for over a week.
🔹 Group known as Solntsepek claimed responsibility for incidents, believed to be behind 2023 cyberattack on Ukraine’s largest telecommunication provider.
🔹 Ukrainian officials tracking threat actor behind attack as UAC-0165, a subgroup of Sandworm run by Russia’s military intelligence agency.…

Threat Landscape

The encryptor has hit the scene recently, but without any notable leak site from the threat actor or typical ransomware branding. The ransomware note is not unique in the wording used, but it is clear the threat actor is masquerading as a pentester. This tactic has been used by other threat actors in the past and is not going to fool the victim when they come across the ransomware note on an encrypted system.…


A series of DDoS attacks allegedly orchestrated by UserSec and the Cyber Army of Russia has been reported, aimed at disrupting the operations of multiple Luxembourg websites. Reportedly, prominent targets of these purported attacks include Luxembourg’s Lux-Airport, Ministry of Foreign Affairs, and Luxembourg Stock Exchange Platform.…
