Security Bulletin

After achieving initial access to a Storm-0156 C2 server in December 2022, Turla sought to take over more of the Pakistani threat operation's C2s to compromise Afghan government organizations' networks with the TwoDash downloader and Statuezy trojan.

"We wanted to make sure we did it before the holidays, so we could start writing out how we think about the problem, and then ultimately, what are the key recommendations that we need to bring forward to enable us to strengthen the security of the...

At least 17 affiliate groups have used the "DroidBot" Android banking Trojan against 77 financial services companies across Europe, with more to come, researchers warn.

The offerings are AI cybersecurity assistant BIX, Cyber Risk Assessments, a one-time AI-powered vulnerability evaluation, and a continuous threat and exposure management platform called D3.

Richard Horne, a senior official at the agency, highlighted how adversaries exploit the nation’s technological dependence to maximize disruption and destruction.

The site, which has been in operation since 2012, boasted over 100 vendors and 100,000 customers, facilitating illegal transactions in cryptocurrencies like Bitcoin and Monero.

Security researchers at the recent Cyberwarcon conference in Washington, D.C., detailed North Korea’s increasing use of fraudulent IT workers to infiltrate multinational corporations and funnel earnings to the North Korean regime while conducting...

The flaw is rated 9.8 on the CVSS scale and affects WhatsUp Gold versions from 2023.1.0 to before 24.0.1.

AI-powered tools are making cybersecurity tasks easier to solve, as well as easier for the team to handle.

The emerging threat actor, potentially a Chinese state-sponsored APT, is using the known exploit kit Moonshine in cross-platform attacks that deliver a previously undisclosed backdoor called "DarkNimbus" to ethnic minorities, including Tibetans.

By understanding the unique challenges of protecting IoT and OT devices, organizations can safeguard these critical assets against evolving cyber threats.

Authorities across 19 African countries also dismantled their infrastructure and networks, thanks to cooperation between global law enforcement and private firms.