Collaborate Disseminate
A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority (NSM) has confirmed on Tuesday. What is… Continue reading Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)
The number of known Cl0p victims resulting from its Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420, according to IT market research company KonBriefing Research. The cyber extortion group has lately sw… Continue reading Has the MOVEit hack paid off for Cl0p?
Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT Turla (aka Secret Blizzard, … Continue reading Microsoft Exchange servers compromised by Turla APT
Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) consumer signing key, the company has revealed on Tuesday. “The threat … Continue reading Chinese hackers forged authentication tokens to breach government emails
How do cyber pros prioritize their security efforts? A good place to start is knowing exactly what tactics, techniques and procedures (TTP) threat actors use. In a recently published report, aggregated data was used to identify the most common attack techniques as defined by the MITRE ATT&CK framework. The study revealed that PowerShell Command & […]
The post All About PowerShell Attacks: The No. 1 ATT&CK Technique appeared first on Security Intelligence.
Continue reading All About PowerShell Attacks: The No. 1 ATT&CK Technique
The compromise of PBI Research and The Berwyn Group’s MOVEit installation has resulted in the theft of data belonging to several pension systems and insurance companies – and millions of their users. PBI + Berwyn Group – a population … Continue reading MOVEit compromise affects pension systems, insurers
Swiss government websites are under DDoS attacks, but several ransomware gangs have also turned their sights on Swiss government organizations, cantonal governments, cities and companies in the last few months. Government sites under DDoS attacks ̶… Continue reading Switzerland under cyberattack
As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data. C… Continue reading PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)
Barracuda Networks is urging customers running phyisical Email Security Gateway (ESG) appliances to replace them immediately, “regardless of patch version level.” Vulnerability identification and disclosure Barracuda has identified a critic… Continue reading Replace Barracuda ESG appliances, company urges
A number of ransomware gangs have stopped using malware to encrypt targets’ files and have switched to a data theft/extortion approach to get paid; 0mega – a low-profile and seemingly not very active threat actor – seems to be among t… Continue reading 0mega ransomware gang changes tactics