The Budworm APT's bespoke tools. Johnson Controls sustains cyberattack. US Privacy and Civil Liberties Oversight Board reports on Section 702. Government shutdown and cyber risk. Cybersecurity in the US industrial base. X cuts back content moderation capabilities. Ukrainian hacktivists target Russian airline check-in systems.
A Joint Advisory warns of Beijing's "BlackTech" threat activity. ShadowSyndicate is a new RaaS operation. Openfire flaw actively exploited against servers. Smishing Triad in the UAE. Claims of a compromise at Sony are investigated with cautious skepticism. AtlasCross is technically capable and, above all, "cautious." Xenomorph malware in the wild. DDoS and API attacks hit the financial sector. FCC chair announces plans to restore net neutrality. In cyberwar, the FSB is more active, but the GRU does more damage.
Advanced phishing campaign hits hospitality industry. An information-stealing campaign deploys ZenRAT. More MOVEit-related data breaches are disclosed. Mixin Network suspends deposits and withdrawals. OpenSea NFT market warns of third-party risk to its API. Security budget benchmarks. Software security, in EMEA and the US. Phishing for Ukrainian military drone operators. The UK adopts a hunt-forward approach to cyber war.
Gelsemium APT active against Southeast Asian government. Multi-year campaign against Tibetan, Uighur, and Taiwanese targets. A tabletop cyber exercise prepares for the Super Bowl. Stealth Falcon's new backdoor. Predator spyware deployed against Apple zero-days. Update on the Pegasus spyware found in Meduza devices. Cyberattack reported in occupied Crimea. A shift in Russian cyber targeting.
Enter the Sandman. Gold Melody: an initial access broker. OilRig active against Israeli targets. Cyber ops in support of soft power. Casino ransomware attacks: recovery and investigation. Apple patches three flaws. Bermuda points to Russian threat actors in cyber incident.
