Tag Cobalt Strike

Unveiling the Reality: A New Report Reveals the Stark Truths of Cyberattacks

The Rising Tide of Cyberattacks: Insights from BlackBerry’s Latest Analysis

Recent insights into the frequency of cyberattacks reveal a concerning trend affecting businesses and organizations globally. The BlackBerry Threat Research and Intelligence Team conducted a comprehensive analysis covering a three-month period, from December 2022 to February 2023, utilizing real-world data…


Threat Actors Exploiting Microsoft SQL Servers to Distribute FreeWorld Ransomware

Threat actors are increasingly targeting inadequately secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a specific ransomware variant known as FreeWorld. This concerning trend has been highlighted by cybersecurity firm Securonix, which has labeled the ongoing operation as DB#JAMMER. This campaign is notable for its sophisticated use…


Researchers Reveal Grayling APT’s Continuous Attack Campaign Targeting Multiple Industries

In a recent development within the cybersecurity landscape, a previously unidentified threat actor has been linked to a series of cyber-attacks targeting organizations in Taiwan’s manufacturing, IT, and biomedical sectors. This newly recognized entity, dubbed Grayling, was identified by the Symantec Threat Hunter Team, which operates under Broadcom, and is…


FBI and CISA Alert on Increasing AvosLocker Ransomware Threats Targeting Critical Infrastructure

An alarming trend has emerged as the AvosLocker ransomware group has been implicated in attacks targeting crucial infrastructure sectors across the United States, with some incidents surfacing as recently as May 2023. This information comes from a comprehensive cybersecurity advisory jointly issued by the U.S. Cybersecurity and Infrastructure Security Agency…


Black Basta Ransomware Targets Over 500 Organizations in North America, Europe, and Australia

Black Basta Ransomware Targets Critical Infrastructure Globally

The Black Basta ransomware-as-a-service (RaaS) group has made a significant impact since its inception in April 2022, successfully compromising over 500 private and critical infrastructure entities across North America, Europe, and Australia. Recent joint advisories released by leading cybersecurity authorities, including the Cybersecurity…


Malicious Advertisers Exploit Google Ads to Target Users Seeking Popular Software

Emerging Malvertising Campaign Exploits Google Ads for Targeted Attacks

Recent reports have unveiled a sophisticated malvertising campaign leveraging Google Ads to mislead users searching for popular software. This campaign not only directs these users to deceptive landing pages but also facilitates the distribution of further malicious payloads, posing a significant…


New Attack Method Exploits Microsoft Management Console Files

Recent cybersecurity analyses have revealed a sophisticated attack method being leveraged by threat actors, specifically utilizing specially engineered Microsoft Management Console (MMC) saved console (MSC) files. This technique allows malicious entities to execute arbitrary code, thereby circumventing existing security measures. The discovery was detailed by Elastic Security Labs, which has…


Hackers Target Ivanti VPN Vulnerabilities to Distribute KrustyLoader Malware

Recently reported zero-day vulnerabilities in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been actively exploited to deploy a Rust-based payload known as KrustyLoader. This malicious software component is specifically designed to install the open-source Sliver adversary simulation tool, which has gained traction among threat actors. The security…


Experts Uncover Three Chinese-Linked Groups Responsible for Cyberattacks in Southeast Asia

In a concerning resurgence of cyber espionage, a newly identified operation linked to Chinese state-sponsored groups, codenamed Crimson Palace, has been detected targeting multiple government entities across Southeast Asia. This resurgence suggests a notable escalation in the scope of state-directed cyber intrusions, raising significant alarms among regional cybersecurity experts. Cybersecurity…
