An analysis of the operations of Hunters International, the ransomware-as-a-service platform that has been used to compromise more than 200 organizations, conducted by Forescout Technologies reveals the cybercriminal syndicate that created it is employing a wide range of new and old tactics and techniques. The post Forescout Report Detail Hunters International Ransomware Gang Tactics appeared…
Category: Threats
Department of Justice (DOJ), FSB, Geopolitics, Global Security News, Government, Microsoft, phishing, Russia, Star Blizzard, Threats, WhatsApp
Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp
The cat-and-mouse game between state-sponsored Russian hackers and one of the world’s biggest technology companies has continued into 2025. Microsoft’s threat intelligence team published research Thursday examining how a state-sponsored Russian threat actor group, known as Star Blizzard, has altered its longstanding attack strategies to target WhatsApp accounts. This attack vector is a significant change…
Asia Pacific, china, Cybercrime, Department of Justice, Global Security News, Government, PlugX, Remote access trojan, Sekoia, Threats
Law enforcement action deletes PlugX malware from thousands of machines
U.S. and international law enforcement agencies have removed the PlugX malware from thousands of computers worldwide in a coordinated campaign to blunt the effectiveness of one of the most infamous pieces of malware used by malicious cyber actors. According to recently unsealed court documents from the Eastern District of Pennsylvania, the U.S. Department of Justice…
APT28, Europe, Fancy Bear, Global Security News, GRU, Kazakhstan, Russia, Sekoia, Threats
Fancy Bear spotted using real Kazak government documents in spearpishing campaign
A hacking group linked to Russian intelligence has been observed leveraging seemingly legitimate documents from the Kazakhstan government as phishing lures to infect and spy on government officials in Central Asia, according to researchers at Sekoia. The files, laced with malware, include draft versions of diplomatic statements, correspondence letters, internal administrative notes and other documents…
AI Tools, API security, Cybersecurity, Data Security, Featured, Global Security News, News, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threats
Exabeam Extends Scope and Reach of SIEM Platform
Exabeam today added a bevy of capabilities to its New-Scale Security Operations Platform, including support for open application programming interface (API) and an ability to search data stored in the LogRhythm security information event management (SIEM) platform it acquired last year. The post Exabeam Extends Scope and Reach of SIEM Platform appeared first on Security…
CVE, Cybersecurity, Exploits, Global Security News, industrial control systems (ICS), industrial IoT (IIoT), Moxa, Threats, vulnerabilities
Industrial networking manufacturer Moxa reports ‘critical’ router bugs
Firmware in cellular routers, secure routers and network security appliances made by Moxa are vulnerable to a pair of high severity bugs that can escalate privileges for an attacker, give root-level access or allow for unauthorized execution of commands. In a pair of CVEs published Jan. 3, Moxa called the flaws “critical” and warned they…
disinformation, election hacking, Geopolitics, Global Security News, Government, Iran, Russia, sanctions, Technology, Threats
US sanctions Russian, Iranian groups for election interference
The U.S. State Department has sanctioned two foreign organizations and one individual who it alleges worked on behalf of Russian and Iranian intelligence agencies to interfere in the 2024 U.S. general election. “These actors sought to stoke sociopolitical tensions and undermine our election institutions during the 2024 U.S. general election,” said State Department Press Secretary…
2 factor auth, 2-factor authentication, 2FA, AT&T, Best of 2024, Cloud MFA, Data leak, DUAL FACTOR AUTHENTICATION, Global Security News, MFA, mult-factor authentication, multi-factor authenication, multi-factor authentication, Multi-Factor Authentication (MFA), Multifactor Authentication, NYSE:SNOW, NYSE:T, privacy, SB Blogwatch, ShinyHunters, Snowflake, Social - Facebook, Social - LinkedIn, Social - X, Threats, two factor authentication, UNC5537
Best of 2024: AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again
Should’ve used MFA: $T loses yet more customer data—this time, from almost all of them. The post Best of 2024: AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again appeared first on Security Boulevard.
Asia Pacific, china, configuration managment, Cybersecurity, Federal Communications Commission, Global Security News, Government, hacking, information sharing, microsegmentation, Salt Typhoon, telecommunications, Threats, Vulnerability Management, White House
White House: Salt Typhoon hacks possible because telecoms lacked basic security measures
The White House said Friday that as the U.S. government continues to assess the damage caused by the Salt Typhoon hacks, the breach occurred in large part due to telecommunications companies failing to implement rudimentary cybersecurity measures across their IT infrastructure. Anne Neuberger, the White House’s deputy national security adviser for cyber and emerging technology,…
Asia Pacific, china, Commentary, critical infrastructure, Cybersecurity, cybersecurity harmonization, Federal Communications Commission, Geopolitics, Global Security News, Government, Salt Typhoon, Threats, White House
Feds lay blame while Chinese telecom attack continues
The United States’ telecommunications infrastructure has been infiltrated by actors affiliated with China. Some of our nation’s most powerful leaders have been targeted — including President-elect Donald Trump and Vice President-elect JD Vance. This is one of the most severe cybersecurity incidents against telecom the United States has ever been subject to, and — worse…
Cybercrime, Cybersecurity, Department of Justice (DOJ), Global Security News, Government, LockBit, Ransomware, Threats, Uncategorized
Justice Department unveils charges against alleged LockBit developer
The U.S. Department of Justice revealed charges Friday against Rostislav Panev, a dual Russian and Israeli national, for his alleged role as a developer in the notorious LockBit ransomware group. Panev was arrested in Israel following a U.S. provisional arrest request and is currently awaiting extradition. Authorities allege that Panev has been an instrumental figure…
Evil Corp, Global Security News, Government, Israel, National Crime Agency, operation cronos, Ransomware, Threats
Israeli court to hear U.S. extradition request for alleged LockBit developer
An Israeli Court is set to deliberate a significant extradition case involving Rostislav Panev, an Israeli citizen alleged to be involved with the notorious LockBit ransomware gang. According to Israeli news outlet Ynet, a U.S. extradition request was made public Thursday claiming that between 2019 and 2024, Panev served as a software developer for LockBit.…
AppSec, Best Practices, Global Security News, Legit, Security Bloggers Network, Threats
What Is Privilege Escalation? Types, Examples, and Prevention
Privilege escalation is a critical cybersecurity threat in which a user—usually a malicious actor—gains access to data beyond what their account permissions allow. Attackers can gain this access through human error, stolen credentials, or social engineering. The post What Is Privilege Escalation? Types, Examples, and Prevention appeared first on Security Boulevard.
Department of Justice (DOJ), Global Security News, Raccoon Infostealer, Threats
Ukrainian sentenced to five years in jail for work on Raccoon Stealer
Ukrainian national Mark Sokolovsky was sentenced Wednesday to five years in federal prison for his role in operating Raccoon Infostealer malware, which infiltrated millions of computers worldwide to steal personal data. According to court documents, Sokolovsky, 28, was integral to operations that allowed the leasing of Raccoon Infostealer for $200 per month, payable via cryptocurrency.…
Android, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), encrpytion, FIDO, Global Security News, Government, iPhone, Mobile Security, Multi-Factor Authentication (MFA), Salt Typhoon, signal, SIM Swapping, smartphone, Threats, Yubico
CISA pushes guide for high-value targets to secure mobile devices
The Cybersecurity and Infrastructure Security Agency unveiled a detailed set of guidelines Wednesday to safeguard the mobile communications of high-value government targets in the wake of the ongoing Salt Typhoon telecom breach. The guide aims to help both political and federal leadership harden their communications and avoid any data interception by the Chinese-linked espionage group.…
APT41, Asia Pacific, backdoor, china, Cybercrime, Geopolitics, Global Security News, Government, malware, nation-state hackers, php, QiAnXin, Threats, Winnti
PHP backdoor looks to be work of Chinese-linked APT group
Cybersecurity researchers at a China-based cybersecurity company have uncovered an advanced PHP backdoor that suggests a new asset in the arsenal of Chinese-linked Advanced Persistent Threat group Winnti. Researchers at QiAnXin’s XLab discovered the backdoor, which they titled Glutton, targeting China, the United States, Cambodia, Pakistan, and South Africa. After initially discovering the malware in…
Amnesty International, Amnesty Tech, Cellebrite, Donald Trump, Donncha Ó Cearbhaill, Geopolitics, Global Security News, Norway, NoviSpy, NSO Group, pegasus, privacy, Serbia, Spyware, surveillance, Threats
Amnesty International exposes Serbian police’s use of spyware on journalists, activists
Serbian police and intelligence authorities have combined phone-cracking technology with spyware to eavesdrop on activists and journalists there, Amnesty International revealed in a report Monday, in what the human rights group says could be a disturbing preview of a future era of digital surveillance. Amnesty International’s 87-page document surveys the broader picture of digital spying…
Explainers, Exploits, Global Security News, Security Bloggers Network, Threats
What’s a Zero-Day Vulnerability? Prevent Exploits and Attacks
Zero-day vulnerabilities are serious threats. They’re completely unknown to both the vendor and the user. That gives attackers a significant advantage, allowing them to attack systems before patches are available. The post What’s a Zero-Day Vulnerability? Prevent Exploits and Attacks appeared first on Security Boulevard.
booter and stresser services, Cybercrime, Cybersecurity, DDoS, Department of Justice (DOJ), Europe, Europol, Global Security News, Government, National Crime Agency, Threats
International crackdown disrupts DDoS-for-hire operations
In a sweeping international crackdown, law enforcement agencies from 15 countries, including the United States and multiple European nations, have dismantled 27 of the most popular platforms used for carrying out distributed denial-of-service (DDoS) attacks, Europol announced Wednesday. The operation, known as PowerOFF, has led to the arrest of three administrators in France and Germany…
Cybersecurity, Exploits, Geopolitics, Global Security News, Microsoft, Research, Threats, Turla
Turla living off other cybercriminals’ tools in order to attack Ukrainian targets
A Russian nation-state threat actor has been observed leveraging tools from other cybercriminal groups to compromise targets in Ukraine, a recent report by Microsoft Threat Intelligence disclosed. This clandestine approach, which is the second time in as many weeks that Microsoft has highlighted the group’s effort, shows how Turla uses a wide range of attack…
Clop, Exploits, Global Security News, LockBit, MITRE, Ransomware, Research, Technology, Threats
Latest round of MITRE ATT&CK evaluations put cybersecurity products through rigors of ransomware
MITRE Corporation released findings Wednesday from its latest round of ATT&CK evaluations, assessing the capabilities of enterprise cybersecurity solutions against some of the most prevalent ransomware tactics and North Korean malware. The sixth such evaluation from the nonprofit research organization measured 19 different vendors’ ability to protect enterprise systems by evaluating them against two prominent…