While tracking the activities of 4BID Kaspersky researchers uncovered a new string of campaigns that appear to be the work of several interconnected actors. While politically motivated groups generally limit their scope to specific nations – for 4BID and its peers, primarily Russian and occasionally Belarusian organizations – the latest findings reveal a shift. The actual geographic footprint of these attacks became broader than expected, striking companies across Kazakhstan, the UAE, Syria, and Egypt.
What triggered Kaspersky’s investigation was spotting a cluster of indicators of compromise within a breached Russian organization’s infrastructure. The researchers used these footprints to successfully track down other environments hit by the same threat actors and piece together the bigger picture.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Debt collection agency FBCS leaks information of 3 million US citizens
June 4, 2024
The US debt collection agency Financial Business and Consumer Solutions (FBCS) has filed a data breach notification, listing the the total number of people affected as 3,226,631. FBCS is a nationally licensed, third-party collection agency that collects commercial and consumer debts, with most of its activity involving the recovery of consumer debts on behalf of creditors. ...
- Scammers Defraud Individuals via Work-From-Home Scams
June 4, 2024
The FBI warns of scammers offering victims fake work-from-home jobs, typically involving a relatively simple task, such as rating restaurants or “optimizing” a service by repeatedly clicking a button. The scammers pose as a legitimate business, such as a staffing or recruiting agency,and may contact victims via an unsolicited call or message. Scammers design the fake ...
- The Dreaded Network Pivot: An Attack Intelligence Story
June 4, 2024
Rapid7 recently released our 2024 Attack Intelligence Report, a 14-month deep dive into the vulnerability and attacker landscape. The spiritual successor to their annual Vulnerability Intelligence Report, the AIR includes data from the Rapid7 research team combined with their detection and response and threat intelligence teams. It is designed to provide the clearest view yet into ...
- Hospitals in London declared critical incident after cyber-attack
June 4, 2024
Major hospitals in London have declared a critical incident after a cyber-attack led to operations being cancelled and emergency patients being diverted elsewhere. It applies to hospitals partnered with Synnovis – a provider of pathology services. King’s College Hospital, Guy’s and St Thomas’ – including the Royal Brompton and the Evelina London Children’s Hospital – and ...
- The impact of legacy vulnerabilities in today’s cybersecurity landscape
June 4, 2024
Of the top five most widely used network attacks against SMBs, the ‘newest’ vulnerability represented were nearly three years old, while the oldest were over a decade old – which is primitive when considering the modern threat environment. The results are a clear reminder for CISOs and cybersecurity leaders that they must assess organizational threats based ...
- Navigating Cyber Risk Through Collaboration
June 3, 2024
The constantly evolving cyber risk landscape presents a formidable challenge to organizations, as businesses transform, scopes and boundaries shift, and bad actors develop new tactics and techniques to exploit vulnerabilities and compromise systems. With the rate of risk velocity increasing faster than the resources of most risk-focused teams, collaboration and working together smarter is one of ...