A sophisticated threat actor known as Mustang Panda has been implicated in a wave of spear-phishing attacks directed at key sectors including government, education, and research from May to October 2022. According to a recent report by cybersecurity firm Trend Micro, the targeted regions include countries in the Asia Pacific,…
Daixin Team Compromises AirAsia’s Data in Ransomware Incident In a significant cybersecurity breach, the Daixin Team, a cybercrime group, has published sensitive data linked to AirAsia, a prominent Malaysian low-cost airline. This development follows a ransomware attack that occurred on November 11 and 12, during which the airline’s network was…
Russia Conducts Hypersonic Missile Test Amid Rising Tensions with NATO In a notable display of military capability, Russia launched a 3M22 Zircon hypersonic missile from the frigate Admiral Golovko in the Barents Sea, strategically located near NATO borders. This launch occurs against a backdrop of escalating tensions between Russia and…
Medibank Confirms Data Breach After Ransom Demand Rejection On Thursday, Medibank publicly acknowledged another data leak from its systems by cybercriminals, following the company’s decision not to comply with a ransom demand. This breach has resulted in a fresh dump of sensitive data appearing on the dark web, an alarming…
The Cuba ransomware group, also referred to as COLDDRAW, has reportedly amassed over $60 million in ransom payments while compromising more than 100 organizations globally, as of August 2022. This surge in activity prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) to…
A new variant of data-wiping malware, identified as CryWiper, has emerged and is specifically targeting Russian government institutions, such as mayoral offices and courthouses. Unlike traditional ransomware that encrypts data, CryWiper masquerades as ransomware but ultimately destroys data without providing any means of recovery. Kaspersky researchers Fedor Sinitsyn and Janis…
A targeted cyber intrusion campaign has been actively engaging telecommunications and business process outsourcing (BPO) companies since at least June 2022. This ongoing assault aims to infiltrate mobile carrier networks and is characterized by SIM swapping techniques, as highlighted in recent investigations by CrowdStrike. Researcher Tim Parisi detailed these findings…
On Wednesday, the U.S. Department of Justice (DoJ) announced the seizure of 48 domains linked to the facilitation of distributed denial-of-service (DDoS) attacks. These domains provided a platform for malicious actors to launch attacks, thereby diminishing the barriers to entry for cybercriminal activities. In connection with this crackdown, six individuals…
Meta Platforms recently announced the dismantling of over 200 covert influence operations since 2017, affecting approximately 70 countries and spanning 42 languages. This extensive effort highlights the growing challenges of foreign interference and the active role of spyware vendors targeting diverse groups, including journalists, activists, and political dissenters globally. Among…
