The threat landscape is full of moving targets. Over time, popular tools, tactics, and procedures change. Malicious techniques fall out of fashion, only to come roaring back months, if not years, later. All the while, security practitioners monitor network traffic and adapt their defenses to protect their users and networks. Keeping on top of these trends is one of the most … [Read more...] about How to Monitor Network Traffic: Findings from the Cisco Cyber Threat Trends Report
Cyber
Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
Jun 05, 2024NewsroomCyber Espionage / Threat Intelligence An unnamed high-profile government organization in Southeast Asia emerged as the target of a "complex, long-running" Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. "The overall goal behind the campaign was to maintain access to the target network for cyberespionage in support of Chinese … [Read more...] about Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.
May 31, 2024NewsroomNetwork Security / Cyber Attack More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet. The mysterious event, which took place between October 25 and 27, 2023, and impacted a single … [Read more...] about Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.
Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices
Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023. "These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices and prevent critical systems from becoming easy targets," the Microsoft Threat … [Read more...] about Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices
Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
May 24, 2024NewsroomEndpoint Security / Threat Intelligence The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the actor creating rogue virtual machines (VMs) within its VMware environment. "The adversary created their own rogue VMs within … [Read more...] about Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
Apr 24, 2024NewsroomCyber Attack / Cyber Espionage The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) from at least 2016 to April 2021. This includes the front … [Read more...] about U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
Apr 13, 2024NewsroomCyber influence / Warfare The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir 'Abdallah al-Kahlut, 39, also known as Abu Ubaida, has served as the public spokesperson of Izz al-Din al-Qassam Brigades, … [Read more...] about U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers
Apr 03, 2024NewsroomData Breach / Incident Response The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year. The findings, released by the Department of Homeland Security (DHS) on Tuesday, … [Read more...] about U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers
U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation
The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong Wang (熊旺), … [Read more...] about U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation
AI’s Expanding Role in Cyber Attacks
Mar 19, 2024NewsroomGenerative AI / Incident Response Large language models (LLMs) powering artificial intelligence (AI) tools today could be exploited to develop self-augmenting malware capable of bypassing YARA rules. "Generative AI can be used to evade string-based YARA rules by augmenting the source code of small malware variants, effectively lowering detection rates," … [Read more...] about AI’s Expanding Role in Cyber Attacks