Cozy Bear, a hacking group linked to the Russian government, is executing a new phishing campaign that is impacting over 100 organizations worldwide. Utilizing sophisticated tactics, the attackers are employing signed Remote Desktop Protocol (RDP) files disguised as legitimate documents to establish remote access and extract sensitive information. Organizations should…
An alarming trend has emerged as the AvosLocker ransomware group has been implicated in attacks targeting crucial infrastructure sectors across the United States, with some incidents surfacing as recently as May 2023. This information comes from a comprehensive cybersecurity advisory jointly issued by the U.S. Cybersecurity and Infrastructure Security Agency…
A significant cybersecurity threat has emerged involving a botnet orchestrated by hackers linked to the Chinese government. This network, comprised of thousands of compromised routers, cameras, and other Internet-connected devices, has been employed to execute sophisticated password spray attacks targeted at users of Microsoft’s Azure cloud service. The warning about…
Leadership & Executive Communication, Training & Security Leadership, Video CIO Alex Gallo Discusses Managing Digital Transformation, Security, and Lifelong Learning Anna Delaney (annamadeline) • November 1, 2024 Alex Gahlo, CIO and CyberEdBoard member In a landscape increasingly defined by rapid digital transformation, Alex Gallo, a member of CyberEdBoard and Chief…
In recent developments, a previously unidentified threat actor has been leveraging existing security vulnerabilities in Microsoft Exchange Server to deploy keylogger malware, with targets primarily located in Africa and the Middle East. This alarming trend was highlighted by Positive Technologies, a Russian cybersecurity firm, which reports over 30 victims, including…
Hackers Exploiting Password Spraying Techniques Target Microsoft Accounts In a recently issued alert, Microsoft has warned of ongoing password spraying attacks orchestrated by multiple Chinese hacking groups utilizing a botnet known as Quad7. Named after a TCP routing port number, this botnet is comprised of approximately 8,000 compromised devices, predominantly…
In a recent surge of cyber incidents, the Iranian threat group known as Tortoiseshell has been linked to a series of watering hole attacks involving a new strain of malware referred to as IMAPLoader. This type of malware is designed to gather information from compromised systems and function as a…
A cyber threat group named 888 has gained attention following its recent assertion of a successful breach into the servers of International Business Machines (IBM). The group claims to have stolen approximately 17,500 records containing sensitive information related to both current and former employees of the company. However, skepticism surrounds…
Identity security has emerged as a pressing concern following a series of significant breaches, with numerous high-profile organizations such as Microsoft, Okta, Cloudflare, and Snowflake experiencing security incidents. This situation has prompted stakeholders to reassess their approaches to identity security from both strategic and technological perspectives. Traditionally, identity security has…
