Tag Cobalt Strike

China-Linked Bronze Starlight Group Targets Gambling Sector Using Cobalt Strike Beacons

A sophisticated cyberattack campaign emanating from China is currently targeting the gambling industry across Southeast Asia, employing Cobalt Strike beacons to infiltrate compromised systems. According to cybersecurity experts at SentinelOne, the indicators and methodologies associated with this operation suggest involvement from a threat actor group identified as Bronze Starlight, also…

New Variant of BlackCat Ransomware Leverages Advanced Impacket and RemCom Tools

Microsoft recently reported the identification of a new variant of the BlackCat ransomware, also known as ALPHV or Noberus. This ransomware strain integrates tools such as Impacket and RemCom, enhancing its capabilities for lateral movement within compromised networks and facilitating remote code execution. The unveiling comes on the heels of…

Unveiling the Reality: A New Report Reveals the Stark Truths of Cyberattacks

The Rising Tide of Cyberattacks: Insights from BlackBerry’s Latest Analysis

Recent insights into the frequency of cyberattacks reveal a concerning trend affecting businesses and organizations globally. The BlackBerry Threat Research and Intelligence Team conducted a comprehensive analysis covering a three-month period, from December 2022 to February 2023, utilizing real-world data…

Threat Actors Exploiting Microsoft SQL Servers to Distribute FreeWorld Ransomware

Threat actors are increasingly targeting inadequately secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a specific ransomware variant known as FreeWorld. This concerning trend has been highlighted by cybersecurity firm Securonix, which has labeled the ongoing operation as DB#JAMMER. This campaign is notable for its sophisticated use…

Researchers Reveal Grayling APT’s Continuous Attack Campaign Targeting Multiple Industries

In a recent development within the cybersecurity landscape, a previously unidentified threat actor has been linked to a series of cyber-attacks targeting organizations in Taiwan’s manufacturing, IT, and biomedical sectors. This newly recognized entity, dubbed Grayling, was identified by the Symantec Threat Hunter Team, which operates under Broadcom, and is…

FBI and CISA Alert on Increasing AvosLocker Ransomware Threats Targeting Critical Infrastructure

An alarming trend has emerged as the AvosLocker ransomware group has been implicated in attacks targeting crucial infrastructure sectors across the United States, with some incidents surfacing as recently as May 2023. This information comes from a comprehensive cybersecurity advisory jointly issued by the U.S. Cybersecurity and Infrastructure Security Agency…

Black Basta Ransomware Targets Over 500 Organizations in North America, Europe, and Australia

Black Basta Ransomware Targets Critical Infrastructure Globally

The Black Basta ransomware-as-a-service (RaaS) group has made a significant impact since its inception in April 2022, successfully compromising over 500 private and critical infrastructure entities across North America, Europe, and Australia. Recent joint advisories released by leading cybersecurity authorities, including the Cybersecurity…

Malicious Advertisers Exploit Google Ads to Target Users Seeking Popular Software

Emerging Malvertising Campaign Exploits Google Ads for Targeted Attacks

Recent reports have unveiled a sophisticated malvertising campaign leveraging Google Ads to mislead users searching for popular software. This campaign not only directs these users to deceptive landing pages but also facilitates the distribution of further malicious payloads, posing a significant…

New Attack Method Exploits Microsoft Management Console Files

Recent cybersecurity analyses have revealed a sophisticated attack method being leveraged by threat actors, specifically utilizing specially engineered Microsoft Management Console (MMC) saved console (MSC) files. This technique allows malicious entities to execute arbitrary code, thereby circumventing existing security measures. The discovery was detailed by Elastic Security Labs, which has…
