Cloud Security | Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes | Microsoft reveals how a crash dump from 2021 inadvertently exposed a key that Chinese cyberspies later leveraged to hack US government emails. | Ryan Naraine, September 6, 2023
Malware & Threats | Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack | The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023. | Eduard Kovacs, August 2, 2023
Cloud Security | Iran-Run ISP ‘Cloudzy’ Caught Supporting Nation-State APTs, Cybercrime Hacking Groups | Researchers unmask an Iranian-run company providing command-and-control services to hacking groups, including state-sponsored APT actors. | Ionut Arghire, August 1, 2023
Cyberwarfare | Rapid7: Japan Threat Landscape Takes on Global Significance | Rapid7 analyzes the Japan threat landscape and warns that attacks against the third-largest economy in the world have global consequences. | Kevin Townsend, June 29, 2023
Nation-State | Researchers Spot APTs Targeting Small Business MSPs | Proofpoint warns that APT actors linked to Russia, Iran and North Korea are increasingly targeting small- and medium-sized businesses. | Ryan Naraine, May 24, 2023
Cyberwarfare | New ‘GoldenJackal’ APT Targets Middle East, South Asia Governments | The newly detailed GoldenJackal APT has been targeting government and diplomatic entities in the Middle East and South Asia since 2019. | Ionut Arghire, May 23, 2023
Malware & Threats | Kaspersky Analyzes Links Between Russian State-Sponsored APTs | Kaspersky believes that Russia-linked threat actors Tomiris and Turla are cooperating at least at a minimal level. | Ionut Arghire, April 25, 2023