On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. Cisco has updated its security products with intelligence gained from observing the bad actor’s techniques, shared Indicators of Compromise (IOCs) with other
CTI analysis by Cyble of the escalation of the China-Taiwan conflict in the wake of Nancy Pelosi's visit to Taiwan, which was followed by widespread cyberattacks on Taiwanese institutions. Pelosi’s Taiwan Visit Widens Taipei-Beijing RiftCyble analyzes the escalation of the China-Taiwan conflict in the wake of Nancy
Finland’s parliament said Tuesday its website came under cyber-attack, as the Nordic country applies for NATO membership following Moscow’s invasion of Ukraine. “A denial-of-service attack is taking place against the parliament’s external website,” parliament said in a statement. Finland parliament website targeted in cyber attackFinland’s parliament
A new analysis by Kaspersky unveiled a wave of targeted attacks on military-industrial complex enterprises and public institutions in Belarus, Russia, Ukraine and Afghanistan. Microsoft Word documents attached to the phishing emails contain malicious code that exploits the CVE-2017-11882 vulnerability. The vulnerability enables an attacker to execute arbitrary code (in
The Ministry of Digital Development of Russia proposed to abandon the need to obtain the consent of a citizen to transfer his biometric data to the “Unified Biometric System” (UBS) from various sources, writes “Kommersant with reference to the draft order of the Ministry of Digital Transformation on the procedure
VMware’s 2022 Global Incident Response Threat Report takes a deep dive into the headwinds faced by defenders and how security teams attempt to stay the course. Additional key findings from the report include: Lateral movement is the new battleground. Deepfake attacks shot up 13 percent, with 66 percent of
The Forum of Incident Response and Security Teams (FIRST) has published version 2 of the TLP (Traffic Light Protocol) standard, five years after the first version was published. The Traffic Light Protocol (TLP) was created to facilitate greater sharing of potentially sensitive information and more effective collaboration. Traffic Light Protocol
An anonymous source has leaked around 4TB of proprietary data from Israel-based digital intelligence company, Cellebrite, after it allegedly carried out a successful cyber attack. The leaked data are available via DDoSecrets's website (it is a a non-profit whistleblower organization), for now only on special request, for researchers
United Kingdom's National Health Service (NHS) 111 emergency services are affected by a significant and ongoing outage triggered by a cyberattack that hit the systems of British managed service provider (MSP) Advanced. Advanced's Adastra client patient management solution, which is used by 85% of NHS 111
Atlas Intelligence Group (A.I.G), aka Atlantis CyberArmy claims that they hacked China Telecom and they leak data coming soon. This group unique compared to all the other groups is its recruitment of cyber-mercenaries to do specific jobs as a part of bigger campaigns known only to the admins.
The founder of the hacker group Killnet told when human casualties will appear in cyber warfare. KillMilk, the founder of KillNet claims they could cause 'human casualties' with their attacks on Lockheed Martin. https://m.gazeta.ru/tech/2022/08/07/15229652.shtml #RusUkrWar #Hactivism #CyberWar
Two of the UK’s leading hospitals have had to cancel operations, postpone appointments and divert seriously ill patients to other centres for the past three weeks after their computers crashed at the height of last month’s heatwave. Chaos after heat crashes computers at leading London hospitalsPatient safety compromised
The U.S. Department of Homeland Security (DHS) has warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices. EAS is a U.S. national public warning system that enables state authorities to disseminate information within 10 minutes during an emergency. Such alerts can interrupt radio and
The Association of German Chambers of Industry and Commerce (DIHK) was forced to shut down all of its IT systems and switch off digital services, telephones, and email servers, in response to a cyberattack. DIHK is a coalition of 79 chambers representing companies within the German state, with over three
A new botnet called 'RapperBot' is being used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device. The researchers show that RapperBot is based on the Mirai trojan but deviates from the the original malware'
Mandiant has identified an ongoing information operations (IO) campaign leveraging a network of at least 72 suspected inauthentic news sites and a number of suspected inauthentic social media assets to disseminate content strategically aligned with the political interests of the People’s Republic of China (PRC). Pro-PRC “HaiEnergy” Information Operations
