Prioritize patching vulnerabilities associated with ransomware

A threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in January 2022. In the last quarter, ransomware attacks have made mainstream headlines on a near-daily basis, with groups like Lapsus$ and Conti’s names splashed across the page. Major organizations like […]

Continue Reading

Ukraine CERT-UA warns of new attacks launched by Russia-linked Armageddon APT

Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign conducted by Armageddon APT using GammaLoad.PS1_v2 malware. Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign using messages with subject “On revenge in Kherson!” and containing the “Plan Kherson.htm” attachment. The HTM-file will decode and create an archive named “Herson.rar”, which contains a file-shortcut […]

Continue Reading

Experts uncovered a new wave of attacks conducted by Mustang Panda

China-linked Mustang Panda APT group targets entities in Asia, the European Union, Russia, and the US in a new wave of attacks. In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. The attacks were also reported by Google’s TAG team, which confirmed they were for […]

Continue Reading

US gov sanctions cryptocurrency mixer Blender also used by North Korea-linked Lazarus APT

The U.S. Department of Treasury sanctioned cryptocurrency mixer Blender.io used by North Korea-linked Lazarus APT. The U.S. Department of Treasury sanctioned the cryptocurrency mixer Blender.io used by the North Korea-linked Lazarus APT to launder the funds stolen from Axie Infinity’s Ronin bridge. This is the first time ever, Treasury is sanctioning a virtual currency mixer. […]

Continue Reading

China-linked Winnti APT steals intellectual property from companies worldwide

A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers from Cybereason uncovered a sophisticated cyberespionage campaign, dubbed Operation CuckooBees, aimed at stealing intellectual property from the victims. The campaign flew under the radar since at least 2019, it was attributed by the experts to […]

Continue Reading

Mustang Panda deploys a new wave of malware targeting Europe

By Jung soo An, Asheer Malhotra and Justin Thattil, with contributions from Aliza Berk and Kendall McKay. In February 2022, corresponding roughly with the start of the Russian Invasion of Ukraine, Cisco Talos began observing the China-based threat actor Mustang Panda conducting phishing campaigns… [[ This is only the beginning! Please visit the blog for […]

Continue Reading

Mustang Panda deploys a new wave of malware targeting Europe

By Jung soo An, Asheer Malhotra and Justin Thattil, with contributions from Aliza Berk and Kendall McKay. In February 2022, corresponding roughly with the start of the Russian Invasion of Ukraine, Cisco Talos began observing the China-based threat actor Mustang Panda conducting phishing campaigns… [[ This is only the beginning! Please visit the blog for […]

Continue Reading