News • Insights • Analysis
The BI.ZONE Threat Intelligence team has identified at least a dozen campaigns linked to Scaly Wolf. The impact spreads across organizations from various industries in Russia, including manufacturing and logistics. One of the group’s characteristics in gaining initial access is Read More …
The United States on Friday imposed sanctions targeting Iran’s ballistic missile and drone procurement programmes as well as officials it said were involved in hacking US infrastructure, as Washington looks to increase pressure on Tehran. The US Treasury Department said Read More …
In the vast expanse of space, satellites orbit silently, serving as the connected backbone of our modern world. A fast-proliferating network of satellites forms the critical infrastructure that supports global communication, navigation, weather forecasting, defensive operations and more. Today’s global Read More …
HP Enterprise was infiltrated by a hacking group linked to Russian intelligence last year, the business IT company has revealed in a Securities and Exchange Commission filing. The threat actor is believed to be Midnight Blizzard, also known as Cozy Read More …
Cyber attacks by Russian government-funded groups on the resources run by the Ministry of Defense using phishing, distribution of remote code execution malware, and blocking of access to web resources have been recorded. “Last day, attacks on Ukraine’s government and Read More …
South Korean spy agency on Wednesday reported a significant uptick in attempts of cyber attacks by foreign sources last year, waged mainly by North Korea and China. Chinese attacks tended to inflict more severe damage than North Korean ones, despite Read More …
The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. Microsoft has identified Read More …
While publicly reported and patched in October 2023, Mandiant and VMware Product Security have found UNC3886, a highly advanced China-nexus espionage group, has been exploiting CVE-2023-34048 as far back as late 2021. These findings stem from Mandiant’s continued research of Read More …
Over the years, TAG has analyzed a range of persistent threats including COLDRIVER (also known as UNC4057, Star Blizzard and Callisto), a Russian threat group focused on credential phishing activities against high profile individuals in NGOs, former intelligence and military Read More …
Iranian espionage group Seedworm (aka Muddywater) has been targeting organizations operating in the telecommunications sector in Egypt, Sudan, and Tanzania. Seedworm has been active since at least 2017, and has targeted organizations in many countries, though it is most strongly Read More …
