Tag Mandiant

Extortionists Assert Large-Scale Data Theft from Oracle E-Business Suite

Cybercrime, Fraud Management & Cybercrime Ransomware Expert Alerts Executives to Ransom Demands as High as $50 Million

Mathew J. Schwartz (euroinfosec) • October 2, 2025

Digital extortionists are directly targeting executives at companies utilizing Oracle E-Business Suite, alleging they have compromised sensitive data, according to reports from multiple…

Russian Hackers Focusing on Diplomatic Targets Across Europe, the Americas, and Asia

A series of sophisticated phishing campaigns targeting diplomatic and governmental organizations has been linked to a Russian state-sponsored hacking group known as APT29, or Cozy Bear. This threat actor has been active since January 17, 2022, employing a range of techniques that highlight its ongoing interest in gathering sensitive diplomatic…

Canadian Suspect Arrested in Connection with Snowflake Customer Breach and Extortion Attempts

Canadian law enforcement has apprehended Alexander “Connor” Moucka, a suspect in a series of high-profile cyberattacks linked to the breach of the cloud data warehousing platform Snowflake. The arrest, executed on October 30, 2024, was made under a provisional warrant following a request from U.S. authorities. This incident was initially…

Chinese Spy Tool Found Within US Systems

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Researchers Uncover Covert Chinese Access to US Service Provider Infrastructure

Chris Riotta (@chrisriotta) • September 24, 2025

In a significant cybersecurity revelation, researchers have elucidated a long-running Chinese-linked cyberespionage campaign that infiltrated U.S. infrastructure and various enterprise service providers…

Researchers Uncover Three Hacktivist Groups Advocating for Russian Interests

According to Mandiant, at least three alleged hacktivist groups purportedly aligned with Russian interests are believed to collaborate with state-sponsored cyber operatives. Mandiant, a Google-affiliated cybersecurity firm, has reported with moderate confidence that key figures behind the hacktivist Telegram channels such as ‘XakNet Team,’ ‘Infoccentr,’ and ‘CyberArmyofRussia_Reborn’ are likely coordinating…

Chinese Hackers Compromise Juniper Networks Routers Using Tailored Backdoors and Rootkits

A recent report from Mandiant has revealed that the Chinese cyber espionage group known as UNC3886 is actively targeting outdated MX Series routers from Juniper Networks. This campaign is aimed at deploying custom backdoors, demonstrating a tactical shift towards exploiting internal networking infrastructure. According to Mandiant, the backdoors utilized diverse…

Microsoft Reveals Global Cyber Attacks by Sandworm Subgroup Affecting Over 15 Countries

A subgroup of the notorious Russian state-sponsored hacking entity known as Sandworm has been linked to a persistent global access operation, termed BadPilot, which has been under way for several years. The Microsoft Threat Intelligence team recently disclosed this in a report, emphasizing the group’s strategy of compromising internet-facing infrastructure…

APT29 Leveraged Windows Vulnerability to Breach European Diplomatic Network

A notorious Russia-based cyber espionage group known as APT29 has reportedly exploited a less common Windows feature called Credential Roaming following a successful phishing operation targeting an unnamed European diplomatic organization. The strategic focus on diplomatic targets aligns with APT29’s historical modus operandi, demonstrating its commitment to gathering intelligence that…

Salesloft Drift Breach Linked to GitHub Security Breach and Compromised OAuth Tokens

Recent data breaches have raised concerns about security within popular applications, particularly the use of the Salesloft Drift application to compromise Salesforce data. In an important update, Salesloft has reported that the security incident has been addressed, with containment measures and customer protections now in effect. To investigate the breach,…
