Fancy Bear targets Ukrainian entities. Camaro Dragon spreads malware via USB drives. Anatsa Trojan's new capabilities. Transparent Tribe resurfaces against Indian military and academic targets. Proof-of-concept: Microsoft Teams as potential attack vector.
Mystic Stealer malware: evasive, and with a feedback loop in the C2C market.
Cyber risk trends for small and medium businesses.
MOVEit file transfer vulnerability. Moonlighter will test cybersecurity in orbit. Criminal smishing campaign expands to the Middle East. New criminal campaign targets Android users who wish to install modified applications. Using vendor and contractor accounts to penetrate networks. Cyclops ransomware as a dual threat. NSA releases advisory on North Korean spearphishing campaigns targeting think tanks, universities, and media organizations. Backdoor-like issue found in Gigabyte firmware. Credential harvesting campaign impersonates Multimedia Software and Adobe. Mitiga discovers “significant forensic discrepancy” in Google Drive.
Barracuda Networks reports 2023 spear phishing trends. New Mirai malware uses low-complexity exploits to expand its botnet in IoT devices. Kimsuky's tailored reconnaissance tools. CosmicEnergy: OT and ICS malware from Russia, maybe for red teaming. Legion malware upgraded for the cloud. Blacktail, a new ransomware group using recycled ransomware. GoldenJackal, an APT quietly active since 2019.