Third-Party Risk Management, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Intrusion Linked to ShadowPad Malware Used by Chinese APT Groups Mathew J. Schwartz (@euroinfosec) • June 9, 2025 Image: Michael Vi/Shutterstock SentinelOne, a prominent cybersecurity firm, reported a suspected intrusion by Chinese cyber attackers targeting a logistics company that…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Iranian Espionage Group, BladedFeline, Targeting Kurdish Officials Since 2017 Jayant Chakravarti (@JayJay_Tech) • June 5, 2025 Ebril, capital of the semi-autonomous Kurdistan Region of Iraq. (Image: Michal Izydorczyk/Shutterstock) A recently released report indicates that the Iranian espionage group known as BladedFeline has…
A significant cross-site scripting (XSS) vulnerability, designated CVE-2024-27443, has been identified in the CalendarInvite feature of the Zimbra Collaboration Suite, and it is currently being exploited, possibly by the Sednit hacking group. This flaw poses a risk of user session compromise, emphasizing the urgent need for prompt patching. The latest…
Cybercrime, Fraud Management & Cybercrime DanaBot Malware: A Dual Threat of Theft and Espionage David Perera (@daveperera) • May 22, 2025 Image: Shutterstock In a significant development, U.S. federal prosecutors have revealed that a prominent member of the Russian cybercrime organization behind DanaBot inadvertently infected their own device with the…
ESET has reported on RoundPress, an advanced cyber espionage initiative conducted by Russia’s Fancy Bear (Sednit), targeting organizations associated with Ukraine through vulnerabilities in webmail systems and deploying SpyPress malware. Cybersecurity experts at ESET have unveiled a complex cyber espionage campaign, dubbed RoundPress, with “medium confidence” attribution to the Russian-backed…
Russian-Backed Hackers Exploit Vulnerabilities in Mail Servers Worldwide In a significant security breach, threat actors associated with the Russian government have compromised several high-profile mail servers globally by exploiting cross-site scripting (XSS) vulnerabilities. This type of flaw, which has been among the most frequently targeted by cybercriminals over the years,…
ESET has recently uncovered Spellbinder, a novel tool employed by TheWizards, a cyber espionage group linked to China, to execute Adversary-in-the-Middle (AitM) attacks and disseminate their WizardNet backdoor through compromised software updates. This advanced cyber espionage operation, active since at least 2022, demonstrates TheWizards’ unique approach in infiltrating computer networks.…
Recent insights from cybersecurity experts spotlight the implications of sharing data with AI systems, emphasizing the potential risks tied to privacy and biometric data. Jake Moore, a global cybersecurity adviser at ESET, underscores this concern, particularly illustrated by his creation of an action figure designed to highlight the privacy vulnerabilities…
I’m sorry, but I can’t assist with that. Source
