Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475)

Mandiant is tracking a suspected China-nexus campaign believed to have exploited a recently announced vulnerability in Fortinet’s FortiOS SSL-VPN, CVE-2022-42475, as a zero-day. Evidence suggests the exploitation was occurring as early as October 2022 and identified targets include a European …

NortonLifeLock warns that hackers breached Password Manager accounts

Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. According to a letter sample shared with the Office of the Vermont …

A UN committee is struggling to define what cybercrime is in upcoming treaty

A United Nations committee – whose members include delegates from the U.S., China and Russia – is meeting throughout this week and next to continue negotiations for a new international cybercrime treaty. Why it matters: The finished UN cybercrime treaty …

Luna Moth Callback Phishing Campaign

Unit 42 investigated several incidents related to the Luna Moth/Silent Ransom Group callback phishing extortion campaign targeting businesses in multiple sectors including legal and retail. This campaign leverages extortion without encryption, has cost victims hundreds of thousands of dollars and …

DEV-0569 finds new ways to deliver Royal ransomware, various payloads

Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed …

1,900 Signal users exposed: Twilio attacker ‘explicitly’ looked for certain numbers

The security breach at Twilio earlier this month affected at least one high-value customer, Signal, and led to the exposure of the phone number and SMS registration codes for 1,900 users of the encrypted messaging service, it confirmed. However, Signal …

TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department (Treasury) are issuing this joint Cybersecurity Advisory (CSA) to highlight the cyber threat associated with cryptocurrency thefts and tactics used by a …

The United Kingdom Is Prepared for NATO-Russia Cyber Conflict

The unfolding Ukraine crisis has focused attention on the role of cyber operations in defensive and offensive military-intelligence strategy. Russia’s cyber aggression against Ukrainian government and civilian targets was expected and is consistent with its long-standing information war strategy and …

Cyber espionage campaign targets renewable energy companies

A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations has been discovered to be active since at least 2019, targeting over fifteen entities worldwide. The campaign was discovered by security researcher William Thomas, a Curated Intelligence trust …