Malware & Threats US Says China’s Volt Typhoon Hackers ‘Pre-Positioning’ for Cyberattacks Against Critical Infrastructure New CISA alert includes technical mitigations to harden attack surfaces and instructions to hunt for the Chinese government-backed hackers. Ryan Naraine, February 7, 2024
Cybersecurity Funding In Other News: Palo Alto Loses Patent Lawsuit, Identity Firms Get Funding, Government Hackers Noteworthy stories that might have slipped under the radar: Palo Alto Networks ordered to pay $150 million in patent lawsuit, identity solutions firms get... SecurityWeek News, February 3, 2024
Malware & Threats US Slaps Sanctions on ‘Dangerous’ Iranian Hackers Linked to Water Utility Hacks The US government slaps sanctions against six Iranian government officials linked to cyberattacks against Israeli PLC vendor Unitronics. Ryan Naraine, February 2, 2024
Nation-State Cloudflare Hacked by Suspected State-Sponsored Threat Actor A nation-state threat actor accessed internal Cloudflare systems using credentials stolen during the Okta hack. Ionut Arghire, February 2, 2024
Cyberwarfare Watch: Top Cyber Officials Testify on China’s Cyber Threat to US Critical Infrastructure Video: Top US cyber officials testify on China’s cyber threat to U.S. national security and critical infrastructure. SecurityWeek News, February 1, 2024
Nation-State US Gov Disrupts SOHO Router Botnet Used by Chinese APT Volt Typhoon The US government neutralizes a botnet full of end-of-life Cisco and Netgear routers being used by a notorious Chinese APT group. Ryan Naraine, January 31, 2024
Nation-State Ivanti Struggling to Hit Zero-Day Patch Release Schedule Ivanti is struggling to hit its own timeline for the delivery of patches for critical -- and already exploited -- flaws in its flagship... Ryan Naraine, January 29, 2024
Malware & Threats Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware The China-linked cyberespionage group Blackwood has been caught delivering malware to entities in China and Japan. Ionut Arghire, January 26, 2024
Email Security HPE Says Russian Government Hackers Had Access to Emails for 6 Months HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months. Eduard Kovacs, January 25, 2024
Nation-State Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, had been exploited as zero-day for a year and a half. Ionut Arghire, January 22, 2024
Data Breaches Microsoft Says Russian Gov Hackers Stole Email Data From Senior Execs A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives. Ryan Naraine, January 19, 2024
Malware & Threats Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks Microsoft says an APT with links to Iran’s military intelligence is impersonating a prominent journalist in clever spear-phishing attacks. Ryan Naraine, January 17, 2024