Risk
-
Mozilla Alerts Developers to Phishing Threats Targeting Add-On Accounts
Mozilla has warned browser extension developers of an active phishing campaign targeting accounts on its AMO repository, urging them to exercise caution and verify the authenticity of emails claiming to be from the organization.
-
State-Sponsored Attack Targets Southeast Asian Telecommunications
A state-sponsored hacking group, CL-STA-0969, has targeted Southeast Asian telecommunications networks, employing sophisticated tools to establish remote access while avoiding detection. The report highlights significant overlaps with other espionage groups and emphasizes the need for robust cybersecurity measures.
-
Storm-2603 Exploits SharePoint Vulnerabilities to Deploy Ransomware
A recent analysis reveals that Storm-2603, a suspected China-based threat actor, is exploiting Microsoft SharePoint vulnerabilities using a bespoke command-and-control framework, deploying ransomware like Warlock and LockBit.
-
Experts Warn of New Phishing Threats Exploiting Link Wrapping Services
Cybersecurity experts have identified a new phishing campaign that exploits link wrapping services from leading vendors to conceal malicious links, significantly raising the risk of successful attacks. The tactics involve sophisticated methods of masking URLs, allowing threat actors to redirect victims to fraudulent pages designed to capture sensitive information.
-
Russian Espionage Group Targets Diplomats Through Innovative Malware
Microsoft has uncovered that Russian espionage group Secret Blizzard has been spying on foreign diplomats in Moscow since at least 2024, utilizing sophisticated malware and surveillance tactics to maintain access to sensitive communications.
-
New Encoding Attack Accelerates SS7 Vulnerabilities in Mobile Networks
Researchers have uncovered a new method that enables attackers to bypass SS7 protections through encoding manipulation, posing significant security risks to mobile networks. This technique has already been employed by a surveillance vendor to extract sensitive mobile subscriber location data.
-
Dollar Tree Hit by Major Data Breach, INC Ransomware Claims Responsibility
The INC Ransomware group claims to have stolen 1.2TB of sensitive data from Dollar Tree, raising serious cybersecurity concerns. The company denies any involvement and attributes the claims to data originating from 99 Cents Only Stores. The incident highlights the growing threat of ransomware attacks.
-
Cybercrime Group Scattered Spider Targets VMware ESXi in Coordinated Attacks
Scattered Spider has intensified its attacks against VMware ESXi hypervisors in North America, employing advanced social engineering tactics that pose an acute risk to critical infrastructure. Google’s Mandiant team warns that organizations must adopt proactive security measures to defend against these targeted attacks.
-
New Ransomware Group ‘Chaos’ Emerges Following Takedown of BlackSuit
The emergence of Chaos, a new ransomware group that is likely a rebranding of BlackSuit, highlights ongoing challenges in the fight against ransomware. Following Operation CheckMate, which dismantled BlackSuit’s operations, evidence suggests Chaos retains similar encryption methods and tactics, using social engineering to target victims.
-
NASCAR Confirms Major Data Breach Linked to Medusa Ransomware Group
NASCAR has confirmed a significant data breach caused by the Medusa ransomware group, which is demanding a $4 million ransom. The stolen data includes sensitive personal information and operational documents. NASCAR is offering affected individuals credit monitoring and identity theft protection services.
