Research Briefing

Fancy Bear and Camaro Dragon sightings. Anatsa Trojan evolves. Transparent Tribe is back. Teams as potential attack vector.

Fancy Bear targets Ukrainian entities. Camaro Dragon spreads malware via USB drives. Anatsa Trojan's new capabilities. Transparent Tribe resurfaces against Indian military and academic targets. Proof-of-concept: Microsoft Teams as potential attack vector.

A third MOVEit vulnerability is patched. Microsoft tracks Russian GRU threat actor. RDStealer cyberespionage tool in the wild.

Mystic Stealer malware: evasive, and with a feedback loop in the C2C market.

Chinese threat actor exploits VMware ESXi zero day. Cyberespionage campaign targets Libya. Brand impersonation online fraud. Cyber risk trends for small and medium businesses.

Cyber risk trends for small and medium businesses.

MOVEit file transfer vulnerability. Moonlighter will test cybersecurity in orbit. Criminal smishing campaign expands to the Middle East.

MOVEit file transfer vulnerability. Moonlighter will test cybersecurity in orbit. Criminal smishing campaign expands to the Middle East. New criminal campaign targets Android users who wish to install modified applications. Using vendor and contractor accounts to penetrate networks. Cyclops ransomware as a dual threat. NSA releases advisory on North Korean spearphishing campaigns targeting think tanks, universities, and media organizations. Backdoor-like issue found in Gigabyte firmware. Credential harvesting campaign impersonates Multimedia Software and Adobe. Mitiga discovers “significant forensic discrepancy” in Google Drive.

Barracuda Networks reports 2023 spear phishing trends. New Mirai malware uses low-complexity exploits to expand its botnet in IoT devices. Kimsuky's tailored reconnaissance tools.

Barracuda Networks reports 2023 spear phishing trends. New Mirai malware uses low-complexity exploits to expand its botnet in IoT devices. Kimsuky's tailored reconnaissance tools. CosmicEnergy: OT and ICS malware from Russia, maybe for red teaming. Legion malware upgraded for the cloud. Blacktail, a new ransomware group using recycled ransomware. GoldenJackal, an APT quietly active since 2019.