A comprehensive state-sponsored espionage operation targeting the software company SolarWinds has also extended to Microsoft, according to recent developments in an ongoing investigation. Initial reports suggest that the attack might be more extensive and sophisticated than earlier assessments indicated. Reuters first disclosed Microsoft’s involvement, noting that malicious actors utilized the…
A recent cyber threat has emerged, linked to the nation-state group known as APT28, which has exploited a vulnerability in the Microsoft Windows Print Spooler service to distribute a custom malware variant named GooseEgg. This security flaw, tracked as CVE-2022-38028, received a high CVSS score of 7.8 and has been…
The SolarWinds cyberattack, which unfolded last December, has been recognized for its intricate methods of penetrating and maintaining a presence within targeted systems. Microsoft has characterized the involved threat actors as “skillful and methodic operators” committed to employing operational security best practices to evade detection. Recent research has uncovered evidence…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently unveiled details about a sophisticated advanced persistent threat (APT) that has been exploiting the Supernova backdoor to infiltrate SolarWinds Orion installations. The breach was traced back to access gained through a connection to a compromised Pulse Secure VPN device. CISA reported…
Encryption & Key Management, Next-Generation Technologies & Secure Development, Security Operations Rising Enterprise Applications and International Initiatives Propel Us Into a Quantum Future Brian Pereira (creed_digital) • November 14, 2025 Image: Shutterstock In 2025, quantum computing has risen to prominence, particularly due to the surge in discussions surrounding post-quantum cryptography.…
A sophisticated threat actor has been exploiting an evasive Windows rootkit to infiltrate high-profile organizations in Asia and Africa, with activity detected since at least 2018. This malware, dubbed ‘Moriya’, operates as a passive backdoor, allowing attackers to monitor incoming traffic on infected systems and selectively respond to packets intended…
The cybercrime group known as ShinyHunters has made headlines for its ongoing campaign of data breaches and is now reported to be actively exploiting vulnerabilities in companies’ GitHub repositories. This analysis highlights the group’s strategies for conducting broader and more sophisticated cyberattacks. According to a report from Intel 471 shared…
Wiz, a cloud security organization, has disclosed a recently patched vulnerability in Microsoft’s Azure Cosmos database that posed a significant risk by allowing unauthorized users to gain full administrative access to the database instances of other customers. This vulnerability, named “ChaosDB,” was particularly alarming due to its potential for exploitation…
Phishing Campaigns Targeting Booking.com Users Raise Security Concerns Recent reports highlight a sophisticated phishing campaign aimed primarily at Windows users, as detailed by cybersecurity experts. The attackers exploit compromised accounts from hotels listed on Booking.com or similar online travel services. By leveraging the sensitive information available in these accounts, they…
