Category: cyber-attacks

Researchers Discover New Iranian Malware Linked to Recent Cyberattacks

Recent cybersecurity reports indicate the emergence of a sophisticated cyberespionage campaign attributed to the Iranian threat group known as APT34, targeting a potential entity based in Lebanon. This operation features a backdoor designed to extract sensitive data from compromised systems, highlighting the ongoing geopolitical tensions in the region and the…

Everest Ransomware Claims It Has Compromised Data of Millions of Under Armour Customers

The Everest ransomware group has announced a breach involving Under Armour, Inc., the prominent American sportswear firm. They claim to have exfiltrated 343 GB of sensitive internal data, including employee information and personal details of millions of individuals across multiple countries. The assertion was made public earlier today on the…

Identifying the Next SolarWinds-Style Cyber Threat

The cybersecurity landscape was profoundly impacted by the SolarWinds attack, a sophisticated breach facilitated by the infamous Sunburst malware. This incident highlighted the vulnerability of various sectors, as attackers exploited the far-reaching SolarWinds ecosystem to access critical source code and sensitive data spanning multiple organizations, including U.S. government agencies, contractors,…

US Imposes Sanctions on Russia and Expels 10 Diplomats Due to SolarWinds Cyberattack

On Thursday, the U.S. and U.K. governments officially attributed the supply chain breach of SolarWinds, an IT infrastructure management firm, to Russian government operatives from the Foreign Intelligence Service (SVR). This attribution was made with “high confidence,” acknowledging the complexity and depth of the cyber-attack. The U.K. government issued a…

Alert: Hackers Target Unpatched Pulse Secure 0-Day Vulnerability to Compromise Organizations

A critical zero-day vulnerability (CVE-2021-22893) has recently come to light within the Pulse Connect Secure gateway, affecting organizations utilizing this VPN technology. The vulnerability enables an authentication bypass, which is currently being actively exploited, and there is no available patch at this time. The primary targets of these intrusions include…

Three Zero-Day Vulnerabilities Affect SonicWall Enterprise Email Security Appliances

SonicWall Tackles Critical Security Vulnerabilities Targeting Email Security Solutions

SonicWall has recently patched three severe security vulnerabilities in its email security products that have been exploited in the wild. These vulnerabilities, identified as CVE-2021-20021, CVE-2021-20022, and CVE-2021-20023, were disclosed following an investigation by FireEye’s Mandiant subsidiary. The flaws were reported…

Facebook Disrupts Operation by Palestinian Hackers Distributing Mobile Spyware

On Wednesday, Facebook disclosed its efforts to dismantle cyber operations linked to two state-sponsored hacking groups based in Palestine that have exploited its platform for malware distribution. These activities primarily originated from the Preventive Security Service (PSS), a security entity of the Palestinian Authority, and a group identified as Arid…

Researchers Identify New Infrastructure Deployed by SolarWinds Hackers

The SolarWinds cyberattack, which unfolded last December, has been recognized for its intricate methods of penetrating and maintaining a presence within targeted systems. Microsoft has characterized the involved threat actors as “skillful and methodic operators” committed to employing operational security best practices to evade detection. Recent research has uncovered evidence…
