Tag: group
-
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
Eight out of ten cloud configuration errors are caused by human error, not by faulty code. One in three cloud environments runs without any oversight, and a third of cloud storage is never monitored. Almost one out of every two hundred storage buckets on Amazon's cloud sits publicly open, per a 2024…
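The "open storage bucket" finding above is the kind of misconfiguration that is cheap to check for offline once you have the bucket's policy, ACL and Public Access Block settings in hand. The following is an added example, not code from the article or from any vendor: it evaluates constructed sample inputs against the documented S3 policy grammar (Effect / Principal / Action) and the two well-known public ACL grantee URIs. The bucket name `example-bucket`, the account ID `123456789012` and the function names are assumptions for illustration; nothing here calls AWS.

```python
"""Flag a bucket as publicly exposed from its policy, ACL and Public Access Block.

Added example (not the article's code). Inputs are constructed and embedded
below so it runs offline; it models the two documented neutralising settings
(RestrictPublicBuckets for policies, IgnorePublicAcls for ACLs) and nothing else.
"""
import json
from typing import Iterable

# The two grantee group URIs that make an ACL grant world- or any-AWS-user-readable.
PUBLIC_GRANTEE_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}


def _principals(statement: dict) -> list:
    """Flatten the Principal field ("*", {"AWS": "*"}, {"AWS": [...]}) into a list."""
    p = statement.get("Principal")
    if p is None:
        return []
    if isinstance(p, str):
        return [p]
    out = []
    for v in p.values():
        out.extend(v if isinstance(v, list) else [v])
    return out


def public_policy_statements(policy_json: str) -> list:
    """Return (Sid, sorted actions, has_condition) for Allow statements open to anyone.

    A Condition block may scope the grant (e.g. to a source VPC), so it is
    reported alongside the finding rather than used to suppress it.
    """
    policy = json.loads(policy_json)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    findings = []
    for st in statements:
        if st.get("Effect") != "Allow":
            continue
        if "*" not in _principals(st):
            continue
        actions = st.get("Action", [])
        actions = actions if isinstance(actions, list) else [actions]
        findings.append((st.get("Sid", "<no Sid>"), sorted(actions), bool(st.get("Condition"))))
    return findings


def public_acl_grants(grants: Iterable[dict]) -> list:
    """Return (grantee URI, permission) for grants to the AllUsers/AuthenticatedUsers groups."""
    return [
        (g["Grantee"]["URI"], g["Permission"])
        for g in grants
        if g.get("Grantee", {}).get("Type") == "Group"
        and g["Grantee"].get("URI") in PUBLIC_GRANTEE_URIS
    ]


def bucket_is_exposed(policy_json: str, grants: Iterable[dict], public_access_block: dict) -> dict:
    """Combine the three sources. RestrictPublicBuckets neutralises public policy
    statements and IgnorePublicAcls neutralises public ACL grants; the other two
    Public Access Block flags only prevent *new* public settings, so they are ignored here."""
    policy_hits = public_policy_statements(policy_json)
    acl_hits = public_acl_grants(grants)
    policy_live = bool(policy_hits) and not public_access_block.get("RestrictPublicBuckets", False)
    acl_live = bool(acl_hits) and not public_access_block.get("IgnorePublicAcls", False)
    return {"exposed": policy_live or acl_live, "policy": policy_hits, "acl": acl_hits}


# --- constructed sample inputs (hypothetical bucket and account) ---
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "OwnerAdmin", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::123456789012:root"},
         "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
})
SAMPLE_ACL_GRANTS = [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-canonical-id"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
]
NO_BLOCK = {"BlockPublicAcls": False, "IgnorePublicAcls": False,
            "BlockPublicPolicy": False, "RestrictPublicBuckets": False}
FULL_BLOCK = {k: True for k in NO_BLOCK}

if __name__ == "__main__":
    print(bucket_is_exposed(SAMPLE_POLICY, SAMPLE_ACL_GRANTS, NO_BLOCK))
    print(bucket_is_exposed(SAMPLE_POLICY, SAMPLE_ACL_GRANTS, FULL_BLOCK))
```

Running it shows the same bucket reported as exposed with the Public Access Block off and as not exposed with it fully on, which is the point: the policy and ACL findings do not change, only whether they are reachable. Feed it real `get-bucket-policy`, `get-bucket-acl` and `get-public-access-block` output to audit a live account.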
-
AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/interlock-ransomware-exploit-cisco/
-
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
Tags: attack, cisco, cve, exploit, firewall, flaw, group, ransomware, rce, remote-code-execution, vulnerability, zero-day
The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January. The vulnerability is a remote code execution flaw that…
-
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
A new exploit kit for Apple iOS devices, designed to steal sensitive data from compromised devices, has been wielded by multiple threat actors since at least November 2025, according to reports from Google Threat Intelligence Group (GTIG), iVerify, and Lookout. According to GTIG, multiple commercial surveillance vendors and suspected state-sponsored actors have utilized the full-chain exploit kit, codenamed…
-
Anthropic ban heralds new era of supply chain risk, with no clear playbook
Tags: ai, business, ceo, cisco, ciso, compliance, control, data, defense, framework, government, group, infrastructure, intelligence, law, monitoring, network, RedTeam, risk, risk-management, sbom, software, strategy, supply-chain, technology, threat, tool
Compliance pressure before policy clarity: For organizations that do business with the federal government, the implications extend beyond technical challenges into legal and contractual risk. Alex Major, co-chair of government contracts and global trade practice at law firm McCarter and English, tells CSO that supply chain designations like the Anthropic ban tend to move quickly…
-
WaterPlum Unleashes “StoatWaffle” Malware in VSCode Supply Chain Attack
A North Korea-linked threat group known as WaterPlum has introduced a new malware strain called “StoatWaffle” as part of its ongoing Contagious Interview campaign. The activity has been attributed to Team 8, a subgroup within WaterPlum also tracked as the Moralis or Modilus cluster. This team was previously associated with the OtterCookie malware, but since…
-
New iOS Exploit Uses Advanced iPhone Hacking Tools to Steal Personal Data
Google Threat Intelligence Group (GTIG) has uncovered a highly sophisticated iOS full-chain exploit dubbed DarkSword. Active since November 2025, this exploit leverages multiple zero-day vulnerabilities to fully compromise Apple devices running iOS 18.4 through 18.7. DarkSword is highly unusual because it relies entirely on JavaScript throughout its exploit chain, thereby mitigating the need for a…
-
Interlock Ransomware Exploited Cisco Firewall Flaw for Weeks
Tags: cisco, exploit, firewall, flaw, group, hacker, infrastructure, ransomware, software, usa, vulnerability
AWS Researchers Find an Interlock Server Laden With Tools. Ransomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the networking giant disclosed the vulnerability in early March. The group has focused extensively on critical infrastructure sectors in North America and Europe. First seen on govinfosecurity.com Jump to…
-
Threat groups target cyber-physical systems to disrupt critical infrastructure providers
The Iran war has raised concerns that key industrial sectors could be the target of hacktivists, state actors and other groups. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-groups-target-cyber-physical-systems-to-disrupt-critical-infrastruct/815074/
-
CISA official says agency has not seen uptick in cyber threats amid Iran war
Cybersecurity and Infrastructure Security Agency (CISA) Acting Director Nick Andersen said the agency has been working closely with industry and sector-based groups on threats from Iran in the past couple of weeks. First seen on therecord.media Jump to article: therecord.media/cisa-official-says-agency-has-not-seen-uptick-cyber-threats-iran
-
Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools
A suspected group of Russian government hackers was caught targeting Ukrainians with new iPhone hacking tools designed for espionage and potentially to steal crypto. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/18/russians-caught-stealing-personal-data-from-ukrainians-with-new-advanced-iphone-hacking-tools/
-
SideWinder Espionage Campaign Expands Across Southeast Asia
Tags: espionage, government, group, india, infrastructure, phishing, spear-phishing, threat, vulnerability
The suspected India-linked threat group targets governments, telecom, and critical infrastructure using spear-phishing, old vulnerabilities, and rapidly rotating infrastructure to maintain persistent access. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sidewinder-espionage-campaign-expands-across-southeast-asia
-
LeakNet boosts ransomware with ClickFix lures, stealthy Deno loader
LeakNet is scaling its ransomware operation by pairing mass-market ClickFix lures with a stealthy Deno-based loader that executes almost entirely in memory, shrinking the window for defenders to intervene. Ransomware operator LeakNet is currently averaging around three victims per month. However, recent activity shows the group investing in its own delivery and execution infrastructure to grow that…
-
Stop building security goals around controls
In this Help Net Security interview, Devin Rudnicki, CISO at Fitch Group, argues that security strategy fails when it loses its connection to business outcomes. Rudnicki walks … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/18/devin-rudnicki-fitch-group-ciso-business-alignment/
-
Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran
Akamai researchers saw a 245% spike in cyberattacks in the first two weeks after the start of the U.S. and Israeli war against Iran as Iranian nation-state groups and independent hacktivists launch increasingly decentralized and destructive cyberattacks, which are expected to increase as long as the kinetic battle continues. First seen on securityboulevard.com Jump to…
-
Crypto e-commerce platform Bitrefill accuses North Korea of stealing 18,500 purchase records
Bitrefill said hackers allegedly tied to North Korea’s Lazarus group accessed around 18,500 purchase records that contained email addresses, crypto payment addresses, and metadata including IP addresses. First seen on therecord.media Jump to article: therecord.media/crypto-platform-accuses-north-korea-hack
-
Best Cloud Firewall Vendors for 2026
Cloud adoption didn’t simplify network security. It multiplied it. Today’s enterprises operate across data centers, hybrid environments, and multiple public clouds. Security teams now manage AWS security groups, Azure Firewall… First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/best-cloud-firewall-vendors-for-2026/
-
Warlock Ransomware Group Augments Post-Exploitation Activities
In a recent attack, the group showcased stealthier cross-network activity, thanks to its use of a new BYOVD technique and other tools. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/warlock-ransomware-post-exploitation-activities
-
Iranian Hackers Use Compromised Cameras for Regional Surveillance
Tags: apt, cctv, cyber, exploit, group, hacker, infrastructure, intelligence, Internet, iran, middle-east
Iranian cyber actors are expanding operations targeting US organizations while also exploiting internet-connected cameras across the Middle East for intelligence collection and battlefield awareness. Recent incidents tied to APT group MuddyWater, camera-focused infrastructure, and hacktivist collective Handala point to an ecosystem that is operational but constrained, prioritizing persistence, visibility, and selective disruption over large-scale, coordinated cyber campaigns.…
-
CL1087 targets military capabilities since 2020
China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries since 2020 using AppleChris and MemFun. A suspected China-linked espionage campaign, tracked as CL-STA-1087, has targeted Southeast Asian military organizations since at least 2020, using AppleChris and MemFun malware. "The activity demonstrated strategic operational patience and a focus on highly targeted intelligence collection, rather than bulk…
-
Google Warns Ransomware Groups Shift to Data Theft as Profits Decline
Google is warning that ransomware gangs are reinventing their business model as traditional encryption-for-ransom attacks become less profitable and data-theft extortion surges. Better cybersecurity controls, improved backup strategies, and stronger recovery capabilities mean more victims can restore their systems without paying, directly eroding criminal revenue. Public reporting also shows that both ransom payment rates and average demand…
-
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
Tags: access, email, group, hacking, intelligence, malicious, malware, north-korea, phishing, spear-phishing, threat
North Korean threat actors have been observed sending phishing emails to compromise targets and obtain access to a victim's KakaoTalk desktop application, which is then used to distribute malicious payloads to selected contacts. The activity has been attributed by South Korean threat intelligence firm Genians to a hacking group referred to as Konni. "Initial access was achieved through a spear-phishing email disguised…
-
Payload ransomware hits Windows and ESXi with Babuk-style encryption
Tags: cryptography, cyber, encryption, extortion, group, healthcare, ransomware, threat, vmware, windows
A new ransomware operation called Payload is rapidly emerging as a serious threat to both Windows and VMware ESXi environments, combining Babuk-style cryptography with aggressive anti-forensics and a working double-extortion model. The group claims to have been active since at least February 17, 2026. It is already hitting mid-to-large organizations across multiple sectors and countries. The hospital…

