CISA: Russia’s Fancy Bear Targeting Logistics, IT Firms
The mission is to gather information that could help Russia in its war against Ukraine.
Researchers thought a Russian APT used a compromised employee email to attack Kazakhstan’s biggest oil company. The company later confirmed it was a pen test.
Winter is coming – so it must be time for Sophos X-Ops’ report on this year’s MITRE ATT&CK Enterprise Evaluations
The vendor had originally assessed the flaw as low risk but now says it is a critical issue that enables remote code execution.
People targeted by confidence schemes find getting help is a lonely road. Experts want law enforcement, financial and government institutions to work together and protect them.
What is the Attack? Microsoft Threat Intelligence has identified Storm-1175, a financially motivated threat actor conducting high-tempo ransomware operations leveraging the Medusa ransomware variant. The group specializes in rapidly exploiting vulnerable web-facing systems, often weaponizing newly disclosed vulnerabilities (N-days) and even zero-days before public disclosure. Storm-1175 | Medusa ransomware operations | Microsoft Security Blog A…
Cybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious behavior through a dependency that allows it to establish persistence and achieve code execution. The package, named termncolor, realizes its nefarious functionality through a dependency package called colorinal by means of a multi-stage malware operation, Zscaler