Updates

Financial Sector Faces Supply Chain Risk

New research reveals significant gaps in third-party risk management within the financial sector, highlighted by recent incidents like the CrowdStrike IT outage. Despite increasing reliance on complex third-party IT ecosystems, only a small percentage of financial institutions have robust exit plans for supplier disruptions. The lack of preparedness leaves the …

Read More

French Museums Hit by Cyberattack

The Brain Cipher ransomware group claims they orchestrated a cyberattack on several French national museums, including the iconic Le Grand Palais, during the recent Olympic Games. They allege they have stolen 300GB of data and plan to leak it today. The attack targeted financial systems related to 40 institutions overseen …

Read More

Hackers Breach Online Stores, Steal Data

A new malware campaign targeting Magento-based online stores has surfaced, with cybercriminals injecting digital skimmers to steal credit card details. These skimmers capture information like card numbers, expiration dates, and CVV codes during the checkout process. The attackers exploited a common vulnerability across hundreds of stores, resulting in over a …

Read More

Everest Ransomware Targets US Healthcare

The Everest ransomware group, a Russian-speaking threat actor, has intensified its focus on the U.S. healthcare sector. This group, active since 2020, recently claimed responsibility for attacks on medical care providers in New York and Nevada, stealing sensitive patient and doctor information. Everest’s activities include ransomware operations and selling unauthorized …

Read More

Threat Actors Exploit Slack Search Ads

A recent malvertising campaign has targeted Slack users by leveraging Google’s ad platform. The attackers created a fake ad that initially appeared legitimate, redirecting users to Slack’s official site. However, after days of inactivity, the ad began directing users to a fraudulent website designed to mimic Slack and deliver malware. …

Read More

Steam Platform Used in Cyberattack

Cybercriminals are exploiting the Steam gaming platform to host command and control (C2) domains by using Steam user accounts. This allows malware to fetch details for establishing a destination for C2 or data exfiltration. A recent investigation revealed a threat actor hiding their C2 domains with a substitution cipher, which, …

Read More

RansomHub Uses EDR-Killing Tool

Sophos researchers recently analyzed a ransomware attack by RansomHub, uncovering a new tool that disables Endpoint Detection and Response (EDR) systems. They named this tool EDRKillShifter, which allows attackers to disable EDR agents before launching further attacks. John Bambenek, President of Bambenek Consulting, noted that while RansomHub currently uses this …

Read More

Microsoft macOS Apps Vulnerabilities Exposed

Researchers discovered eight vulnerabilities in Microsoft applications for macOS, including Teams, Outlook, and Word, that could allow attackers to gain access to users’ microphones, cameras, and more. The vulnerabilities exploit permissions previously granted to the apps, enabling malicious actors to record video or audio without the user’s knowledge. According to …

Read More

Cloud Misconfigurations Threaten 110,000 Domains

Security researchers at Palo Alto Networks uncovered a large-scale extortion campaign exploiting misconfigured cloud environments. Attackers targeted over 110,000 domains by accessing exposed .env files, which contained sensitive information like AWS IAM keys, SaaS API keys, and database logins. These misconfigurations allowed attackers to infiltrate cloud environments, exfiltrate data, and …

Read More