ToddyCat: Keep calm and check logs
In this article, we’ll describe ToddyCat new toolset, the malware used to steal and exfiltrate data, and the techniques used by this group to move laterally and conduct espionage operations.
data theft
Backdoored Android phones, TVs used for ad fraud – and worse!
A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human Security has announced. The company’s Satori Threat Intelligence and Resear…
National Student Clearinghouse MOVEit breach impacts nearly 900 schools
US educational nonprofit organization National Student Clearinghouse (NSC) has revealed that the breach of its MOVEit server ended up affecting almost 900 colleges and universities, and resulted in the theft of personal information of their students. T…
Evil Telegram doppelganger attacks Chinese users
Spyware Telegram mod in Uighur and Chinese spreads through Google Play stealing messages and other user data.
How Chinese hackers got their hands on Microsoft’s token signing key
The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 government agencies has been explained: they found it somewhere where it shouldn&…
Critical Insight Reports Fewer Cybersecurity Breaches in Health Care, Yet Victim Numbers Are Up in 2023
A new study by Critical Insight shows that cybersecurity attacks in the health care sector are hitting more individuals and finding vulnerabilities in third-party partners.
Phishing with hacked sites
Scammers are hacking websites powered by WordPress and placing phishing pages inside hidden directories. We share some statistics and tips on recognizing a hacked site.
How executives’ personal devices threaten business security
Today, individual people – not businesses or government entities as a whole – are the primary targets, or entry points, for all major cyberattacks, according to Agency. Yet, while the cyber threat landscape has seen this major shift, securi…
Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)
A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority (NSM) has confirmed on Tuesday. What is…
Has the MOVEit hack paid off for Cl0p?
The number of known Cl0p victims resulting from its Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420, according to IT market research company KonBriefing Research. The cyber extortion group has lately sw…