News – September 2023

September 26, 2023

The Ransomware-as-a-Service (RaaS) market is a fast-moving one. Prominent RaaS or affiliate groups can form, wreak havoc, and disband all within a short period of time. In this blog, Group-IB researchers will detail what they believe to be a new RaaS group that appears to operate differently from the rest: Enter ShadowSyndicate. What is unusual about ...

September 25, 2023

This summary provides an overview of reports of APT and financial attacks on industrial enterprises that were disclosed in H1 2023, as well as related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities. For each topic, Kaspersky researchers have sought to summarize the key facts, findings, and conclusions of the ...

September 25, 2023

China on Monday released guidelines to severely punish cyberspace violations that target minors, involve paid posters, fabricate “sexual” topics and use artificial intelligence to disseminate illegal information. The guidelines on punishing crimes of cyberspace violence in accordance with laws were jointly issued by China’s Supreme People’s Court, China’s Supreme People’s Procuratorate and China’s Ministry of Public ...

September 25, 2023

Cyber security breaches for UK financial services firms have increased threefold from the years of 2021-2022 and 2022-2023, with the highest – reportedly – being in the pensions sector. New research by the international law firm RPC shows that the amount of reports of cyber security breaches to the Information Commissioners Office (ICO) has increased from ...

September 23, 2023

Ukrainian hackers have hacked into the Russian database of the Sirena-Travel booking system, obtaining information on 664 million flights over the last 16 years. They also obtained the names, phone numbers and document numbers of the passengers. News of this was posted on the Telegram channel of the hacker community KibOrg. An unknown group called Muppets, ...

September 23, 2023

T-Mobile is often in the news for the wrong reasons. Yesterday, a glitch in the company’s system showed personal customer information to the wrong account holders. And now, there is fear that freshly leaked data that is available online could help bad actors gain access to sensitive information. In T-Mobile’s defense, the carrier cannot be blamed ...

September 22, 2023

The websites for Wacoal, Fantasie, Freya and Elomi are all down and displaying an error message stating that the sites are “under maintenance”. One independent Wacoal stockist told Drapers the European arm of the Japanese business had been hit by a cyber attack on Tuesday (19 September) which has affected ordering systems, websites and phone systems. Read ...

September 22, 2023

A cluster of threat actor activity that Unit 42 observed attacking a Southeast Asian government target could provide insight into a rarely seen, stealthy APT group known as Gelsemium. The researchers found this activity as part of an investigation into compromised environments within a Southeast Asian government. Unit 42 researchers identified the cluster as CL-STA-0046. This unique ...

September 22, 2023

“Bermuda’s Government IT systems were subjected to a major cyber-attack” and the UK’s National Cyber Security Centre and the National Crime Agency “have been in contact with the Bermuda authorities, and are providing advice to support them,” Governor Rena Lalgie said. The Governor said, “Yesterday Bermuda’s Government IT systems were subjected to a major cyber-attack. That ...

September 22, 2023

During the lead up to Ukraine’s counteroffensive, Mandiant and Google’s Threat Analysis Group (TAG) have tracked an increase in the frequency and scope of APT29 phishing operations. Investigations into the group’s recent activity have identified an intensification of operations centered on foreign embassies in Ukraine. Notably, as part of this activity, Mandiant have seen phishing emails ...