The threats faced in cyber security are constantly evolving, with state actors taking part in cyber espionage, and cyber criminal groups creating paid-for campaigns and offering services for hire. The National Cyber Security Centre (NCSC), a part of GCHQ, and the UK government’s technical authority for cyber security, have released their annual review for 2022 […]
Evolving Cyber Security Threats in 2022 Read More »
The threat group tracked as DEV-0832 by Microsoft’s security threat intelligence analysts, also known as Vice Society, are a group of cyber criminals that are thought to have been active since at least June 2021. They have been credited for ransomware and extortion campaigns across the world but have mainly focused on US-based targets. The
Vice Society: Opportunistic Ransomware Group Read More »
A spoofing vulnerability in Microsoft Azure Service Fabric can be exploited by attackers to gain admin privileges and take over Service Fabric clusters. Although there are not currently reports of this vulnerability being exploited in the wild, proof of concept (PoC) code for this attack vector does exist. Cloud security platform Orca Security first discovered
Microsoft Azure Vulnerability Exploit in SF Clusters Read More »
The release of the 2022 Falcon OverWatch Threat Hunting Report from CrowdStrike has revealed the recent trends in cyber crime from July 2021 to June 2022. According to the report, the number of cyber crime campaigns has increased by 50% with financial crime accounting for 43% of all attacks. According to CrowdStrike’s analysis cyber crime
The Current and Future Trends in Cyber Crime Read More »
A large-scale phishing attack was recently launched against employees at Twilio, a global cloud-based communications and infrastructure company. Phishing text messages were sent to employees, impersonating Twilio’s IT department, with the aim of harvesting employee credentials. These stolen credentials were used to access internal systems, resulting in a breach of confidentiality in which the data
Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks Read More »
Microsoft’s Threat Intelligence Center (MSTIC) have recently discovered a new malware capability that NOBELIUM are using called MagicWeb. Highly active threat actor NOBELIUM are known for targeting organisations across Europe, Central Asia, and the USA. First detected in 2020, they use unique malware that is usually tailored to their current target. The MagicWeb malware is
NOBELIUM’s Backdoor Malware: MagicWeb Read More »
Ransomware is the biggest cyber threat for UK organisations according to the National Cyber Security Centre (NCSC), with the number of different types of ransomware doubling this year already, from 5,400 in late 2021, to 10,666 after just six months of 2022. A report by Fortinet suggests this rise could be due to the development
What is Zeppelin Ransomware? Read More »
Phishing is the most common cyber attack vector, and while email is well known for phishing, increasingly LinkedIn is being used as well. End-user phishing was the initial access point in 56% of cyber attacks that took place in 2021, according to a recent report. Phishing attacks rely on user interaction to trigger the initial access,
LinkedIn the Top Phishing Brand in Q2 2022 Read More »
A large-scale phishing attack campaign has emerged using adversary-in-the-middle (AiTM) to steal credentials and circumvent multi-factor authentication (MFA) needs. Microsoft have released a security blog post regarding the use of these phishing attacks and the impersonation of Microsoft Azure Active Directory (Azure AD) login pages. This campaign has reportedly targeted over 10,000 organisations in the
Phishing Attacks That Can Bypass MFA Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) and United States Coast Guard Cyber Command (CGCYBER) released a joint security advisory last week to warn of the active exploitation of CVE-2021-44228. This vulnerability is commonly known as Log4j, or Log4Shell because it gives attackers a shell that allows them to remotely access internet facing Log4j devices.
Log4Shell (still) actively exploited on VMware Systems Read More »