Italian political consultant says he was targeted with Paragon spyware

Francesco Nicodemo, a consultant who works with left-wing politicians in Italy, has gone public as the latest person targeted with Paragon spyware in the country. On Thursday, Nicodemo said in a Facebook post that for 10 months, he preferred not Read More …

When Your Calendar Becomes the Compromise

It starts innocently enough. A new meeting appears in your Google calendar and the subject seems ordinary, perhaps even urgent: “Security Update Briefing,” “Your Account Verification Meeting,” or “Important Notice Regarding Benefits.” You assume you missed this invitation in your Read More …

Operation South Star: 0-day Espionage Campaign Targeting Domestic Mobile Phones

In recent years, during high-intensity confrontations with Advanced Persistent Threat (APT) groups from the Northeast Asia region, the RedDrip team at QiAnXin Threat Intelligence Center has discovered nearly 20 0day vulnerabilities involving domestic software. Some details have been disclosed in Read More …

Phone location data of top EU officials available for sale

Journalists in Europe found it was “easy” to spy on top European Union officials using commercially obtained location histories sold by data brokers, despite the continent having some of the strongest data protection laws in the world. EU officials said Read More …

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) as a mechanism for command-and-control (C2) communications. Instead of relying on Read More …

Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks

Rogue employees of a Chicago company that specializes in negotiating ransoms to mitigate cyber attacks were carrying out their own piracy in a plot to extort millions of dollars from a series of companies, prosecutors say. Kevin Tyler Martin, a Read More …

Canadian government claims hacktivists are attacking water and energy facilities

The Canadian government has issued a new security alert warning of so-called hacktivists targeting Industrial Control Systems (ICS). The report says the Cyber Centre and the Royal Canadian Mounted Police has received “multiple reports” of incidents involving internet-accessible ICS. Among Read More …

Government hackers breached telecom giant Ribbon for months before getting caught

U.S. telecommunications giant Ribbon has confirmed that government-backed hackers had access to its network for almost a year before getting caught, according to a public filing. The telco giant said in a 10-Q disclosure last week with the U.S. Securities Read More …

UK: Woman charged after around 100 patient records accessed in data breach

A woman has been charged after around 100 patients had their medical records accessed in a data breach at NHS Lothian. The health board has written letters to patients affected by the breach, which they say was caused by one Read More …

Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack

Palo Alto Unit 42 researchers have discovered a new Windows-based malware family they’ve named Airstalk, which is available in both PowerShell and .NET variants. Unit 42 assess with medium confidence that a possible nation-state threat actor used this malware in Read More …