Mar 21, 2025Ravie LakshmananThreat Hunting / Vulnerability Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. "UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to … [Read more...] about UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Infrastructure
CrowdStrike Expands Support to Oracle Cloud Infrastructure
CrowdStrike is thrilled to announce a collaboration with Oracle that will bring the unified, AI-powered protection of CrowdStrike Falcon® Cloud Security support to Oracle Cloud Infrastructure (OCI). As OCI has become a strategic choice for organizations seeking enterprise-grade performance and security, this expansion improves the visibility and protection to defend against … [Read more...] about CrowdStrike Expands Support to Oracle Cloud Infrastructure
Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
Jul 29, 2024Ravie LakshmananEnterprise Security / Data Protection Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default … [Read more...] about Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators
Feb 11, 2024NewsroomMalware / Cybercrime The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan (RAT) called Warzone RAT. The domains – www.warzone[.]ws and three others – were "used to sell computer malware used by cybercriminals to secretly access and steal data from victims' computers," the … [Read more...] about U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators
Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade
The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years. Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam. "Volt Typhoon's choice of targets and … [Read more...] about Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade
U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
Feb 03, 2024NewsroomIntelligence Agency / Cyber Security The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, … [Read more...] about U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
New Ransomware Group Emerges with Hive’s Source Code and Infrastructure
Nov 13, 2023NewsroomCyber Threat / Malware The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-dismantled Hive operation to kick-start its own efforts in the threat landscape. "It appears that the leadership of the Hive group made the strategic decision to cease their operations and … [Read more...] about New Ransomware Group Emerges with Hive’s Source Code and Infrastructure
Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
Europol on Friday announced the takedown of the infrastructure associated with Ragnar Locker ransomware, alongside the arrest of a "key target" in France. "In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain, and Latvia," the agency said. "The main perpetrator, suspected of being a developer of the Ragnar group, has been brought in … [Read more...] about Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
China’s Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected
May 25, 2023Ravie LakshmananCyber Threat / Espionage A stealthy China-based group managed to establish a persistent foothold into critical infrastructure organizations in the U.S. and Guam without being detected, Microsoft and the "Five Eyes" nations said on Wednesday. The tech giant's threat intelligence team is tracking the activity, which includes post-compromise … [Read more...] about China’s Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Apr 22, 2023Ravie LakshmananSupply Chain / Cyber Threat Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come … [Read more...] about Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach