News • Insights • Analysis
Mandiant is tracking a suspected China-nexus campaign believed to have exploited a recently announced vulnerability in Fortinet’s FortiOS SSL-VPN, CVE-2022-42475, as a zero-day. Evidence suggests the exploitation was occurring as early as October 2022 and identified targets include a European Read More …
Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. According to a letter sample shared with the Office of the Vermont Read More …
A United Nations committee – whose members include delegates from the U.S., China and Russia — is meeting throughout this week and next to continue negotiations for a new international cybercrime treaty. Why it matters: The finished UN cybercrime treaty Read More …
Unit 42 investigated several incidents related to the Luna Moth/Silent Ransom Group callback phishing extortion campaign targeting businesses in multiple sectors including legal and retail. This campaign leverages extortion without encryption, has cost victims hundreds of thousands of dollars and Read More …
Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed Read More …
The security breach at Twilio earlier this month affected at least one high-value customer, Signal, and led to the exposure of the phone number and SMS registration codes for 1,900 users of the encrypted messaging service, it confirmed. However, Signal Read More …
Software allowing users to control their PC with a webcam, using intricate movements in their face and body, has been developed by academics and students in UCL Computer Science and could revolutionise the way millions of people use computers. The Read More …
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department (Treasury) are issuing this joint Cybersecurity Advisory (CSA) to highlight the cyber threat associated with cryptocurrency thefts and tactics used by a Read More …
The unfolding Ukraine crisis has focused attention on the role of cyber operations in defensive and offensive military-intelligence strategy. Russia’s cyber aggression against Ukrainian government and civilian targets was expected and is consistent with its long-standing information war strategy and Read More …
A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations have been discovered to be active since at least 2019, targeting over fifteen entities worldwide. The campaign was discovered by security researcher William Thomas, a Curated Intelligence trust Read More …
