Russia linked hackers hit UK Ministry of Defence as security secrets leaked

Top secret security information on British military and intelligence sites has been leaked online by hackers linked to Russia. They released thousands of pages of data which could help criminals get into the HMNB Clyde nuclear submarine base, the Porton Read More …

Anonymous Sudan hacks X to put pressure on Elon Musk over Starlink

A hacking group called Anonymous Sudan took X, formerly known as Twitter, offline in more than a dozen countries on Tuesday morning in an attempt to pressurise Elon Musk into launching his Starlink service in their country. X was down Read More …

SapphireStealer: Open-source information stealer enables credential and data theft

SapphireStealer, an open-source information stealer, has been observed across public malware repositories with increasing frequency since its initial public release in December 2022. Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often Read More …

New hierarchy, heightened threat: Classiscam’s sustained global campaign

Classiscam was initially launched as a relatively straightforward scam operation. Cybercriminals created fake ads on marketplaces and classified sites, and leveraged social engineering techniques to trick users into “buying” the falsely-advertised goods or services, whether by transferring money directly to Read More …

UK: National Grid plots ‘honeypots’ to catch hackers as cyber attacks ramp up

National Grid is to set “honeypots” and plant false documents online as part of efforts to counter a surge in cyber attackers. The Grid has advertised a contract worth more than a million pounds to secure advanced cyber “deception” technology Read More …

CISA and FBI Publish Joint Advisory on QakBot Infrastructure

Today, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Identification and Disruption of QakBot Infrastructure, to help organizations detect and protect against newly identified QakBot-related activity and malware. QakBot—also Read More …

Exploring the Inner Workings of DuckTail

In their persistent quest to decode DuckTail’s maneuvers, Zscaler ThreatLabz began an intelligence collection operation in May 2023. Through an intensive three-month period of monitoring, Zscaler researchers obtained critical details about DuckTail’s operational framework. This expedition granted them unprecedented visibility Read More …

CISA Releases IOCs Associated with Malicious Barracuda Activity

CISA has released additional indicators of compromise (IOCs) associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this vulnerability as a zero day as Read More …

Deconstructing ransomware, cybercriminals and their modus operandi

The problem of ransomware is a seemingly age-old problem that is not going away, at least not any time soon. Governments and law enforcement are banding together to try to battle this issue with financial sanctions and takedowns of the Read More …