Recent research indicates that a nation-state actor known for prolonged cyber espionage activities has transitioned to using coin mining techniques. This strategic shift, attributed to the hacking group Bismuth, is aimed at evading detection while ensuring persistence within the systems of their targets. The Microsoft 365 Defender Threat Intelligence Team…
A recent breakthrough in cybersecurity research reveals a significant vulnerability within air-gapped systems, which are designed to be isolated from unsecured networks. Researchers have successfully demonstrated a method for exfiltrating sensitive data using a novel attack called AIR-FI. This technique operates by leveraging electromagnetic emissions from the computer’s DDR SDRAM…
New Malspam Campaign Distributing Remote Access Trojan Posing as Trump Scandal Video Cybersecurity researchers have unveiled a new malspam operation that aims to spread a remote access Trojan (RAT) by leveraging sensational claims of a scandal involving U.S. President Donald Trump. The campaign has been linked to deceptive emails featuring…
The U.S. Department of Justice has brought charges against a Chinese hacker and an accomplice for their alleged involvement in the notorious 2015 data breach at Anthem, one of the largest health insurance companies in the nation, as well as three other yet-to-be-disclosed American firms. The indictment, which was made…
Mimecast Confirms Breach Linked to SolarWinds Cyberattack Mimecast, a prominent cloud-based email management provider, disclosed on Tuesday that a “sophisticated threat actor” had compromised one of its digital certificates integral to secure connections with Microsoft 365 Exchange. This alarming revelation emerged after Microsoft notified Mimecast of potential vulnerabilities. In response,…
In a recent development, cybersecurity researchers uncovered an ongoing surveillance initiative targeting Colombian government institutions and private enterprises within the energy and metallurgical sectors. This attack campaign, referred to as “Operation Spalax,” was detailed in a report released Tuesday by ESET, a Slovak cybersecurity firm. The operation first began in…
Recent revelations by cybersecurity experts have uncovered a series of sophisticated cyberattacks orchestrated by a Chinese threat actor, targeting various organizations in Russia and Hong Kong. This campaign has been noted for the deployment of an undocumented backdoor, showcasing the evolving nature of threats in today’s digital landscape. Researchers from…
Recent investigations have revealed the presence of up to 100 malicious artificial intelligence and machine learning models hosted on the Hugging Face platform. These models pose significant risks, as they can execute unauthorized code through the loading of specific pickle files, according to software supply chain security firm JFrog. Senior…
In today’s rapidly changing cybersecurity landscape, ransomware remains a particularly daunting challenge. It has evolved to become increasingly destructive, persistent, and difficult to combat, showing no indications of abating. Organizations that fall prey to ransomware attacks often experience extensive data loss, operational disruptions, costly recovery processes, potential legal ramifications, and…
