Tag ESET

Honor Among Thieves: The M&S Hacking Group Sparks Turf War

Cybercriminal Landscape Shifting as DragonForce Targets RansomHub Affiliates

Recent developments in the cybercrime realm have emerged, with the hacking group DragonForce reportedly targeting affiliates of RansomHub in a move that raises concerns over the stability within the ransomware ecosystem. Genevieve Stark, head of cybercrime analysis at Google Threat Intelligence Group,…


SentinelOne Reports No Breach Following Hardware Supplier Cyberattack

Third-Party Risk Management, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime

Intrusion Linked to ShadowPad Malware Used by Chinese APT Groups

Mathew J. Schwartz (@euroinfosec) • June 9, 2025

SentinelOne, a prominent cybersecurity firm, reported a suspected intrusion by Chinese cyber attackers targeting a logistics company that…


Iranian Espionage Group Exposed for Monitoring Kurdish Officials

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime

Iranian Espionage Group, BladedFeline, Targeting Kurdish Officials Since 2017

Jayant Chakravarti (@JayJay_Tech) • June 5, 2025

A recently released report indicates that the Iranian espionage group known as BladedFeline has…


Zimbra CVE-2024-27443 XSS Vulnerability Affects 129,000 Servers, Sednit Linked to the Attack

A significant cross-site scripting (XSS) vulnerability, designated CVE-2024-27443, has been identified in the CalendarInvite feature of the Zimbra Collaboration Suite, and it is currently being exploited, possibly by the Sednit hacking group. This flaw poses a risk of user session compromise, emphasizing the urgent need for prompt patching. The latest…


Russia-Connected SpyPress Malware Targets Webmail to Monitor Ukraine

ESET has reported on RoundPress, an advanced cyber espionage initiative conducted by Russia’s Fancy Bear (Sednit), targeting organizations associated with Ukraine through vulnerabilities in webmail systems and deploying SpyPress malware. Cybersecurity experts at ESET have unveiled a complex cyber espionage campaign, dubbed RoundPress, with “medium confidence” attribution to the Russian-backed…


Spies Compromise High-Value Mail Servers with Decades-Old Exploit

Russian-Backed Hackers Exploit Vulnerabilities in Mail Servers Worldwide

In a significant security breach, threat actors associated with the Russian government have compromised several high-profile mail servers globally by exploiting cross-site scripting (XSS) vulnerabilities. This type of flaw, which has been among the most frequently targeted by cybercriminals over the years,…


Chinese Group TheWizards Utilizes IPv6 to Deploy WizardNet Backdoor

ESET has recently uncovered Spellbinder, a novel tool employed by TheWizards, a cyber espionage group linked to China, to execute Adversary-in-the-Middle (AitM) attacks and disseminate their WizardNet backdoor through compromised software updates. This advanced cyber espionage operation, active since at least 2022, demonstrates TheWizards’ unique approach in infiltrating computer networks.…
