Summary of Recent Ransomware Incident Involving Cicada3301 The ransomware group known as Cicada3301 has claimed responsibility for a significant data breach impacting Concession Peugeot, a well-known French automotive dealership associated with the Peugeot brand. According to the group, approximately 35GB of sensitive information has been compromised, further intensifying their ongoing…
In the latest edition of our Cybersecurity Newsletter, we explore significant developments and critical updates within the ever-changing landscape of cybersecurity. This issue centers on evolving threats and the current defensive measures essential in our increasingly digital world. Central to our coverage are prevalent concerns including sophisticated ransomware campaigns and…
In recent developments within the cybersecurity landscape, a new form of malware known as Bootkitty has emerged, targeting Linux systems with techniques historically associated with Windows infections. This bootkit operates at the firmware level, specifically within the Unified Extensible Firmware Interface (UEFI), a crucial component that executes prior to the…
Russian RomCom Group Leverages Zero-Day Vulnerabilities in Cyber Campaign Cybersecurity researchers from ESET have uncovered a sophisticated attack campaign attributed to the Russia-linked group known as RomCom, which exploited two previously unknown vulnerabilities—commonly referred to as zero-day flaws—in widely used software platforms, namely Firefox and Windows. This complex operation highlights…
Security Operations ESET Identifies Significant Vulnerabilities Exploited by the Russian RomCom Hacking Group Chris Riotta (@chrisriotta) • November 26, 2024 ESET reports the discovery of critical vulnerabilities in Mozilla products and Windows, exploited by the RomCom group to deploy a backdoor. (Image: Mozilla Foundation) Two critical vulnerabilities affecting Mozilla products…
In a recent cybersecurity incident, Volexity uncovered significant insights into a sophisticated intrusion that targeted one of its clients. The investigation initiated after a subsequent breach allowed Volexity to gather more comprehensive logs of the hackers’ activities, ultimately leading to the identification of the source of the attack. Analysts determined…
The BianLian ransomware group has undergone a significant transformation, transitioning into a data theft extortion organization, as highlighted in a recent advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Australian Cyber Security Centre. This shift marks a departure from their previous double-extortion strategies that…
In a troubling revelation, the cyber espionage group codenamed MoustachedBouncer, which has remained undocumented until now, has been linked to a series of attacks targeting foreign embassies in Belarus. ESET security researcher Matthieu Faou notes that this group has likely been active since 2014 and has continuously improved its techniques,…
Human Rights Activists Targeted by New Phishing Campaign in Morocco and Western Sahara A new cybersecurity threat has emerged in Morocco and the Western Sahara, particularly targeting human rights activists associated with the Sahrawi Arab Democratic Republic (SADR). This threat actor, identified by Cisco Talos as Starry Addax, employs sophisticated…
