Tag: intelligence
-
8th June Threat Intelligence Report
DentaQuest, a U.S. dental benefits administrator owned by Sun Life, has suffered a data breach after threat group ShinyHunters leaked exfiltrated data. Analysts assessed that 2.6 million accounts were exposed, including names, emails, […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/8th-june-threat-intelligence-report/
-
Mini Shai-Hulud Shows: Without Cyber Intelligence, Supply-Chain Security Remains Blind
Many companies still assume that cyberattacks primarily target firewalls, servers, or employees. The reality is now different. Attackers increasingly go after the digital supply chain, that is, exactly the software components, cloud services, and development processes on which modern companies build every day. The current "Mini Shai Hulud" incident involving compromised npm packages shows this very clearly.…
-
UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms
UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB drives. Google Mandiant and the Google Threat Intelligence Group published a detailed report documenting an active extortion campaign carried out by the cybercrime group UNC3753 (aka Luna Moth, Chatty Spider, and…
-
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and Google Threat Intelligence Group (GTIG) to a threat actor dubbed UNC3753, which is also…
-
52% of directIP threats are missing from intelligence feeds
Security tools are good at inspecting websites, domains, URLs, and files, so attackers are moving lower in the stack and communicating directly with IP addresses, where … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/08/palo-alto-networks-securing-ip-connections-report/
-
Report: Anthropic Deploys Engineers to Support NSA Use of Mythos
Reports claim Anthropic engineers are helping the NSA use its restricted AI model Mythos, known for advanced cybersecurity capabilities. This week, the Financial Times reported that Anthropic has placed approximately six "forward-deployed" engineers inside the National Security Agency to help the intelligence agency use Mythos, its most capable cyber model, for offensive operations. Two people…
-
Chinese Spies Using LinkedIn, Job Sites to Recruit Western Workers
Five Eyes agencies warn that fake online recruiters linked to Chinese intelligence are targeting workers for sensitive policy and defense information. The post Chinese Spies Using LinkedIn, Job Sites to Recruit Western Workers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-five-eyes-fake-recruiters-chinese-intelligence/
-
UNC3753 Targets US Law Firms with Vishing, RMM Tools, and Physical Break-Ins
Threat cluster UNC3753, widely tracked as Silent Ransom Group or Luna Moth, is actively targeting professional, legal, and financial services in the United States. According to Mandiant’s Google Threat Intelligence Group (GTIG), this financially motivated campaign leverages a highly effective combination of voice phishing, remote monitoring and management abuse, and unprecedented physical office intrusions. Attackers…
-
Ex-Threat Intel Exec Accuses IBM and AT&T of Hiding Hacks
IBM False Claims Act Plaintiff Alleges Years of Hidden Security Failures. A former IBM vice president of threat intelligence alleged IBM and AT&T failed to implement basic security controls and obtained major government contracts despite unresolved cybersecurity deficiencies that potentially exposed sensitive federal data. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ex-threat-intel-exec-accuses-ibm-att-hiding-hacks-a-31904
-
What Trump’s AI Executive Order Means for Healthcare Sector
Experts: If Implemented Effectively, Directive Could Help Health Organizations. Although President Donald Trump’s executive order this week on artificial intelligence barely mentions healthcare, some experts said the directive could potentially have a positive impact on the critical infrastructure sector – if implemented effectively. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/what-trumps-ai-executive-order-means-for-healthcare-sector-a-31901
-
Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure
Researchers exposed the Silent Ransom Group’s Fast Flux infrastructure as the FBI warns of ongoing attacks targeting U.S. law firms and businesses. Resecurity uncovered the Silent Ransom Group (SRG)’s Fast Flux network infrastructure and shares available intelligence with the cybersecurity community to disrupt their malicious activities and enable ISP/DNS providers to counter this threat.…
-
Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5
If you’ve ever received an out-of-the-blue message via LinkedIn from a recruiter offering some well-paid consultancy work, intelligence agencies have a message for you: be very careful. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/linkedin-recruiter-chinese-intelligence-fbi-mi5
-
Defense tech, AI, and fundraising take center stage at StrictlyVC Los Angeles on June 18
On Thursday, June 18, at The Aerospace Corporation Campus, investors, founders, and tech leaders will gather for an evening of conversation exploring some of the most consequential shifts taking place across venture capital, defense technology, artificial intelligence, and advanced industry. Secure your spot today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/04/defense-tech-ai-and-fundraising-take-center-stage-at-strictlyvc-los-angeles-on-june-18/
-
Five Eyes warn Chinese spies are using job sites to recruit insiders
The alert warned that Chinese intelligence officers are posing as recruiters and consultants for front companies based outside China in order to target Five Eyes government and military personnel “and anyone with access to classified or privileged information.” First seen on therecord.media Jump to article: therecord.media/five-eyes-warns-chinese-spies-are-using-job-sites-to-recruit-insiders
-
Infosecurity Europe: Raise Security Concerns with Procurement Now, Because Quantum Can’t Wait
Forescout VP of security intelligence, Rik Ferguson, warns that Q-day is fast approaching. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/raise-security-procurement-quantum/
-
Kali365 PhaaS Expands to Okta, MAX Messenger Attacks
The Kali365 phishing-as-a-service (PhaaS) platform has significantly expanded its operational scope, moving beyond Microsoft 365 token theft to target Okta single sign-on (SSO) environments and Russia’s rapidly growing MAX Messenger platform. New threat intelligence reveals a more mature, multi-brand phishing ecosystem with centralized infrastructure, real-time token monitoring, and geographically targeted campaigns. Previously documented for abusing…
-
Russia FSB claims foreign intelligence used malware on officials’ phones
First seen on scworld.com Jump to article: www.scworld.com/brief/fsb-claims-foreign-intelligence-used-malware-on-officials-phones
-
China Using LinkedIn to Recruit Government Insiders
Five Eyes Agencies Document 5-Step Chinese Job Platform Spy Scheme. The Five Eyes intelligence agencies issued a rare joint bulletin warning that Chinese military intelligence is using LinkedIn, Indeed, and Upwork to recruit government and military insiders. The operation targets clearance holders, military personnel, academics and journalists. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/china-using-linkedin-to-recruit-government-insiders-a-31861
-
Mayo Clinic, Microsoft Team Up on AI for Doctors, Patients
Healthcare Sector AI Expansion Raises Questions on Governance, Privacy and Safety. Mayo Clinic and Microsoft are planning a new healthcare-specific frontier artificial intelligence model that aims to help clinicians make earlier diagnoses and deliver more personalized treatments to their patients. The clinic plans to make the new model available to patients and doctors. First seen…
-
Russia’s FSB Says Foreign Spies Infected Officials’ Phones With Malware
Russia’s FSB claims foreign intelligence planted malware on senior officials’ phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia’s Federal Security Service (FSB) published a statement claiming it had uncovered and documented a large-scale foreign intelligence operation targeting the mobile devices of senior Russian officials. The…
-
Google adds Android protection against AI deepfake scam calls
Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user’s personal contacts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-adds-android-protection-against-ai-deepfake-scam-calls/
-
Project Glasswing Grows as Anthropic Extends Claude Mythos Preview Program
Anthropic has expanded its Project Glasswing initiative, significantly scaling access to its Claude Mythos Preview model as part of a broader effort to strengthen global software security. The program, first launched in April 2026 with around 50 organizations, has now grown to include approximately 200 partners worldwide, marking a major shift in how artificial intelligence…
-
Digital Intelligence Lab launches observatory to connect cyber events with geopolitical context
First seen on scworld.com Jump to article: www.scworld.com/brief/digital-intelligence-lab-launches-observatory-to-connect-cyber-events-with-geopolitical-context
-
AI Governance Playbook Calls for Enterprise Risk Controls
Healthcare Coordinating Council Highlights AI Risks, Potential Medical Mishaps. Healthcare organizations face an array of difficult cybersecurity, privacy, patient safety, supply chain and operational resiliency issues as they roll out artificial intelligence tools. A new Health Sector Coordinating Council playbook aims to help by providing a voluntary governance framework. First seen on govinfosecurity.com Jump to…
-
Kali365 Increasingly Impersonates Companies Such as Microsoft and Okta
Steven Campbell, Staff Threat Intelligence Researcher at Arctic Wolf, recently put into context the FBI warning about "Kali365", a campaign that has since evolved from a phishing kit into a more comprehensive phishing-as-a-service platform, along with current developments around modern phishing attacks. Kali365 first drew attention by abusing Microsoft's OAuth device authorization flow to steal authentication tokens and multi-factor authentication…
-
Foreign Spyware Found on Phones of Top Russian Officials
Russian authorities have disclosed a suspected large-scale cyber espionage operation targeting the mobile devices of senior government officials, raising fresh concerns over advanced spyware campaigns and mobile surveillance threats. The Federal Security Service (FSB) announced on Tuesday that it had identified and disrupted an alleged effort by foreign intelligence agencies to deploy malicious software on…
-
Infosecurity Europe: Business Leaders Lack Understanding of Threat Intelligence, Study Warns
A new Silobreaker and SANS Institute paper examines the ‘Intelligence-Stakeholder Gap’ and what organizations must do to achieve business buy-in on threat intelligence. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/business-leaders-struggle-threat/

