Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will Read More …

France: Free ISP announces data breach, millions of users possibly affected

One of the biggest internet service providers (ISP) in France has confirmed suffering a cyberattack that saw it lose sensitive customer data. A threat actor alias “drusselx” opened a new thread on the infamous Breach forums, advertising a major database Read More …

Hackers breach sensitive government and police data in Italy

Prosecutors in Milan have uncovered a network of hackers and former law enforcement officials accused of using malware and insider contacts to break into several government databases, including the Interior Ministry. The group allegedly accessed over 800,000 confidential records, even Read More …

Businesses expect cyber threats to rise, but aren’t ready for them

It’s no secret that cyber-attacks are becoming increasingly sophisticated, while simultaneously growing in number and volume. Research from the Business Continuity Institute reports that cyber threats have increased in severity over the past year, with 75% of respondents reporting a Read More …

100 million people hit in largest healthcare data breach in history – medical info, SSNs and more

More than 100 million people had their personal information and healthcare data stolen in the massive UnitedHealth ransomware attack earlier this year, making it the largest healthcare data breach in the country. After completing its investigation into February’s data breach, Read More …

Exploring CVE-2024-38227 vulnerability in Microsoft SharePoint

On September 10, Microsoft released another batch of updates addressing 79 vulnerabilities in its products. Among the patches that caught our attention were those for Microsoft SharePoint, an extensive content management system (CMS). Four out of the five SharePoint vulnerabilities Read More …

Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers

Many software manufacturers and service providers deploy software and configuration updates as part of their service offerings. These updates may enhance features and/or address security vulnerabilities to provide benefits and security to customers. However, software and the systems that deploy Read More …

Command Injection and Local File Inclusion in Grafana: CVE-2024-9264

The SonicWall Capture Labs threat research team became aware of a critical vulnerability in Grafana, assessed its impact and developed mitigation measures. Grafana is a multi-platform open-source analytics and visualization solution that can produce charts, graphs and alerts according to Read More …

The Crypto Game of Lazarus APT: Investors vs. Zero-days

On May 13, 2024, Kaspersky consumer-grade product Kaspersky Total Security detected a new Manuscrypt infection on the personal computer of a person living in Russia. Since Lazarus rarely attacks individuals, this piqued Kaspersky researchers interest and they decided to take Read More …