Mind the (air) gap: GoldenJackal Targets Government Systems
New insights into GoldenJackal’s sophisticated toolsets, which have been used to carry out cyberespionage activities across Europe, South Asia, and the Middle East since 2019.

APT-C-00 OceanLotus Utilizes Advanced Dual Loader with VMP Protections
On September 23, 2024, the Advanced Threat Research Institute’s 360 Threat Intelligence Center released a detailed analysis on APT-C-00, also known as OceanLotus, a notorious advanced persistent threat (APT) group with suspected state backing.

Hacking Kia: Remotely Controlling Cars With Just a License Plate
On September 23, 2024, cybersecurity researcher Sammy released an alarming report detailing critical vulnerabilities in Kia vehicles that allowed attackers to remotely control key vehicle functions using only the vehicle’s license plate number.

Evil Corp: The Cybercrime Syndicate that Refuses to Die
On October 1, 2024, a detailed report shed new light on the notorious cybercrime group Evil Corp, revealing their continued operations despite global efforts to dismantle their network. Known for creating some of the most sophisticated malware strains.

Iranian Cyber Espionage Campaign Targets Swedish SMS Service in Data Breach
The attack targeted a Swedish company that manages a mass SMS service. According to a preliminary investigation led by the Swedish Security Police (Säkerhetspolisen), the breach was orchestrated by the Iranian Islamic Revolutionary Guard Corps (IRGC).

Political Deepfakes Exploit Global Elections: Emerging Tactics and Impacts
Insikt Group released a comprehensive threat analysis report, highlighting the increasing deployment of deepfakes targeting public figures across the globe. Over the past year, the group identified 82 deepfakes impersonating key figures, with a focus on elections.

Remote Code Execution Vulnerabilities Discovered in CUPS Affecting UNIX Systems
On September 26, 2024, a detailed disclosure outlined critical vulnerabilities in the Common UNIX Printing System (CUPS) that enable remote code execution (RCE) on UNIX systems, including various GNU/Linux distributions.

SloppyLemming Espionage Campaign Targets South and East Asia
On September 24, 2024, Cloudforce One published an extensive investigation into a sophisticated espionage campaign orchestrated by the advanced threat actor known as SloppyLemming.

Microsoft Secure Future Initiative Progress Report (September 2024)
On September 23, 2024, Microsoft released its latest Secure Future Initiative (SFI) Progress Report, detailing significant strides in addressing the complex and escalating landscape of cyberattacks.

Mandiant Exposes the Threat of North Korean IT Workers Posing as Foreign Nationals
On September 23, 2024, Mandiant released a comprehensive report on the persistent threat posed by North Korean IT workers. Operating under the guise of non-North Korean nationals, these workers infiltrate companies globally to evade sanctions and generate revenue for the North Korean regime.

Storm on the Horizon: Inside the AJCloud IoT Ecosystem
On September 19, 2024, an extensive security investigation into the AJCloud IoT platform uncovered serious vulnerabilities affecting millions of Wi-Fi cameras sold by various vendors.

Russian State-Sponsored Mobile Threats: A Decade of Espionage and Surveillance
On September 22, 2024, @BushidoToken released a threat intelligence report uncovering a decade of underreported Russian mobile espionage campaigns targeting Android and iOS users.

Global Coalition Expands Efforts to Counter Commercial Spyware Misuse
Austria, Estonia, Lithuania, and the Netherlands officially endorsed the Joint Statement on Efforts to Counter Commercial Spyware.

Franklin County, Kansas Hit by Ransomware Attack, 29,690 Affected
On September 20, 2024, a consumer notice document surfaced regarding an incident on May 19, 2024, where Franklin County, Kansas, fell victim to a ransomware attack, compromising sensitive data from the County Clerk's Office.