• China becomes main victim of advanced persistent threat attacks: Ministry of State Security

    September 16, 2023

    According to the Ministry of State Security on Saturday which is the 23rd National Defense Education Day, China has become the main victim of advanced persistent threat (APT) attacks, adding that cyberspace has become an important battleground for foreign intelligence agencies to conduct cyber espionage against China, Xinhua Daily Telegraph reported. The national security departments of ...

  • UNC3944 Leverages SMS Phishing Campaigns for SIM Swapping, Ransomware, Extortion, and Notoriety

    September 15, 2023

    UNC3944 is a financially motivated threat cluster that has persistently used phone-based social engineering and SMS phishing campaigns (smishing) to obtain credentials to gain and escalate access to victim organizations. At least some UNC3944 threat actors appear to operate in underground communities, such as Telegram and underground forums, which they may leverage to acquire tools, ...

  • Cyber-attacks: the apex of crime-as-a-service (IOCTA 2023)

    September 15, 2023

    The Spotlight Report ‘Cyber-attacks: the apex of crime-as-a-service’, examines the developments in cyber-attacks, discussing new methodologies and threats as observed by Europol’s operational analysts. It also outlines the types of criminal structures that are behind cyber-attacks, and how these increasingly professionalised groups are exploiting changes in geopolitics as part of their methodologies. This report is the ...

  • UK: Greater Manchester Police officers’ details hacked in cyber attack

    September 14, 2023

    Police officers’ personal details have been hacked after a company was targeted in a cyber attack. The firm in Stockport, which makes ID cards, holds information on various UK organisations including some of the staff employed by Greater Manchester Police (GMP). The force confirmed it was aware of the ransomware attack. The hack means thousands of ...

  • Watch out, this LastPass email with “Important information about your account” is a phish

    September 14, 2023

    The consequences of last year’s LastPass breach continue to be felt, with the latest insult to users coming in the form of a highly convincing phishing email. Although the “unauthorized party” that compromised LastPass users’ data was able to steal password vaults, it’s likely that they are having a hard time cracking them open. LastPass’s own ...

  • Threat landscape for industrial automation systems. Statistics for H1 2023

    September 13, 2023

    In the first half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased from H2 2022 by just 0.3 pp to 34%. That said, he percentage of attacked ICS computers dropped in Q1 2023, but then rose again in Q2 2023, reaching highest quarterly figure since 2022 – 26.8%. Read more… Source: Kaspersky  

  • 3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack

    September 13, 2023

    A new ransomware family calling itself 3AM has emerged. To date, the ransomware has only been used in a limited fashion. Symantec’s Threat Hunter Team, part of Broadcom, has seen it used in a single attack by a ransomware affiliate that attempted to deploy LockBit on a target’s network and then switched to 3AM when ...

  • RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

    September 13, 2023

    Trend Micro researchers have been observing malware families RedLine and Vidar since the middle of 2022, when both were used by threat actors to target victims via spear-phishing scams. Earlier this year, RedLine targeted the hospitality industry with its info stealer malware. Their latest investigations show that the threat actors behind RedLine and Vidar now ...

  • Sri Lanka: Report called over cyberattack on government sites

    September 13, 2023

    The Ministry of Technology said an investigation was called into the cyberattack that transpired on the 26th of August 2023. The statement added that the cyberattack, which targeted email systems under the ‘’ domain, resulted in substantial data loss and a disruption of communications within various state offices. It stated that the ICTA disclosed that this ...

  • New MidgeDropper Variant

    September 12, 2023

    One of the most exciting aspects of malware analysis is coming across a family that is new or rare to the reversing community. Determining the function of the malware, who created it, and the reasons behind it become a mystery to solve. The previously unseen dropper variant FortiGuard Labs researchers recently found, named MidgeDropper, has ...