Tag: intelligence
-
Genetic Data: Emerging Cyberthreats and Privacy Concerns
It’s only a matter of time before cybercriminals begin to use artificial intelligence-enabled tools, open-source software and other technologies to launch attacks to exploit sensitive genetic data, said Nicholas Morris, a practice manager at security firm Optiv. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/genetic-data-emerging-cyberthreats-privacy-concerns-i-5478
-
US military IT specialist arrested for allegedly trying to leak secrets to foreign government
A 28-year-old civilian IT worker at the Defense Intelligence Agency has been arrested in Northern Virginia on suspicion that he leaked secrets to a foreign government. First seen on therecord.media Jump to article: therecord.media/defense-intelligence-agency-it-specialist-suspected-leak-foreign-government
-
Dadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 Credentials
Tags: credentials, cyber, cybersecurity, group, hacker, infrastructure, intelligence, microsoft, phishing, service, threat
Cybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by the notorious hacker group Storm-1575, also known as Dadsec.
-
Hackers Use Gh0st RAT to Hijack Internet Café Systems for Crypto Mining
Hackers have been targeting Internet cafés in South Korea since the second half of 2024, exploiting specialized management software to install malicious tools for cryptocurrency mining. According to a detailed report from AhnLab SEcurity intelligence Center (ASEC), the attackers, active since 2022, are using the notorious Gh0st RAT (Remote Access Trojan) to seize control of…
-
Void Blizzard Targets NATO Organizations
Tags: access, api, authentication, blizzard, cloud, cyberattack, cyberespionage, edr, fido, framework, governance, government, hacker, intelligence, mail, malware, mfa, microsoft, open-source, passkey, password, phishing, risk, siem, spear-phishing, threat, tool, ukraine
Russian hackers are changing their tactics from password spraying to phishing, but their targets within NATO remain the same. For more than a year, a new cyberespionage group said to be linked to the Russian government has been targeting companies from various industries within NATO. Microsoft Threat Intelligence calls the group “Void Blizzard”. The Dutch…
-
Crims defeat human intelligence with fake AI installers they poison with ransomware
Take care when downloading AI freebies, researcher tells The Register First seen on theregister.com Jump to article: www.theregister.com/2025/05/30/fake_ai_installers_carry_ransomware/
-
APT41 Uses Google Calendar as Covert C2 in Stealthy Cyberespionage Campaign
In an example of cloud service abuse, Google Threat Intelligence Group (GTIG) has uncovered a new APT41 campaign… First seen on securityonline.info Jump to article: securityonline.info/apt41-uses-google-calendar-as-covert-c2-in-stealthy-cyberespionage-campaign/
-
Interlock Ransomware Uses NodeSnake RAT for Persistent Access to Corporate Networks
Two UK-based universities have fallen victim to a sophisticated Remote Access Trojan (RAT) dubbed NodeSnake within the past two months. According to analysis in a report by Quorum Cyber’s Threat Intelligence (QCTI) team, this malware, likely deployed by the ransomware group Interlock, showcases advanced capabilities for persistent access and network infiltration. Emerging Threat Targets Higher…
-
Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools
Tags: ai, chatgpt, cisco, cybercrime, intelligence, malware, openai, powershell, ransomware, threat, tool
Fake installers for popular artificial intelligence (AI) tools like OpenAI ChatGPT and InVideo AI are being used as lures to propagate various threats, such as the CyberLock and Lucky_Gh0$t ransomware families, and a new malware dubbed Numero. “CyberLock ransomware, developed using PowerShell, primarily focuses on encrypting specific files on the victim’s system,” Cisco Talos researcher Chetan…
-
The 2025 Cybersecurity Pulse Report
Strategic Intelligence from the RSAC 2025 Conference. The 2025 Cybersecurity Pulse Report is the latest intelligence briefing from ISMG, delivering essential insights from more than 150 expert interviews and four days of carefully curated programming from the RSAC 2025 Conference. It captures key conversations, innovations and strategic shifts. First seen on govinfosecurity.com Jump to article:…
-
Criminal IP Set to Make Its Debut at Infosecurity Europe 2025
Criminal IP, the AI-powered threat intelligence platform developed by AI SPERA (led by CEO Byungtak Kang), has announced its first participation in Infosecurity Europe 2025, the largest cybersecurity conference in Europe. The event will take place from June 3 to 5, 2025, at ExCeL London, where Criminal IP will engage with global security professionals at…
-
China-linked hackers exploit Google Calendar in cyberattacks on governments
Tags: china, cyber, cyberattack, espionage, exploit, google, government, hacker, intelligence, threat
Google Threat Intelligence spotted the China-based operation known as APT41 leveraging the company’s own Calendar app as part of a cyber-espionage campaign. First seen on therecord.media Jump to article: therecord.media/china-linked-apt41-exploits-google-calendar-in-cyberattacks
-
An Enterprise Playbook to Defending Against Volt Typhoon
An identity threat detection approach built on access intelligence is key to identifying and disrupting campaigns like Volt Typhoon. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/an-enterprise-playbook-to-defending-against-volt-typhoon/
-
RSAC Fireside Chat: Cyber risk mitigation turns personal: defending the CEO as an attack vector
Executives are under digital siege, and most don’t even know it. Related: Shareholders sue over murder. At RSAC 2025, I sat down with Chuck Randolph, SVP of Strategic Intelligence and Security at 360 Privacy, to unpack a… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/rsac-fireside-chat-cyber-risk-mitigation-turns-personal-defending-the-ceo-as-an-attack-vector/
-
APT Hackers Turn Google Calendar Into Command Hub Using TOUGHPROGRESS Malware, Google Alerts
Google Threat Intelligence Group (GTIG), a sophisticated malware campaign dubbed TOUGHPROGRESS…
-
New Cyber Threat: UTG-Q-015 Exploits 0-Days for Espionage in Asia
In a threat intelligence report, the Qi’anxin Threat Intelligence Center has exposed a series of highly targeted attacks… First seen on securityonline.info Jump to article: securityonline.info/new-cyber-threat-utg-q-015-exploits-0-days-for-espionage-in-asia/
-
Stealthy Attacks: Silent Werewolf Deploys Custom Loaders in Espionage Operations
BI.ZONE Threat Intelligence has uncovered two new malicious campaigns attributed to the threat actor Silent Werewolf, once again… First seen on securityonline.info Jump to article: securityonline.info/stealthy-attacks-silent-werewolf-deploys-custom-loaders-in-espionage-operations/
-
Chinese hackers used Google Calendar to aid attacks on government entities
Google Threat Intelligence Group said it developed means to counter the activity, which it linked to APT41. First seen on cyberscoop.com Jump to article: cyberscoop.com/google-calendar-apt-41-c2-winnti/
-
Threat Actors Weaponize Fake AI-Themed Websites to Deliver Python-based infostealers
Mandiant Threat Defense has uncovered a malicious campaign orchestrated by the threat group UNC6032, which capitalizes on the global fascination with artificial intelligence (AI). Since at least mid-2024, UNC6032 has been deploying fake AI video generator websites to distribute malware, specifically targeting users through deceptive social media ads on platforms like Facebook and LinkedIn. These…
-
Optiv CEO On New Intelligence System: ‘There’s Nothing On The Planet Like This’
The recently launched Optiv Market System has been ‘game-changing’ for how the cybersecurity powerhouse is serving clients and working with its security industry partners, Optiv CEO Kevin Lynch tells CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2025/optiv-ceo-on-new-intelligence-system-there-s-nothing-on-the-planet-like-this
-
Crooks use a fake antivirus site to spread Venom RAT and a mix of malware
Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. DomainTools Intelligence (DTI) researchers warn of a malicious campaign using a fake website (“bitdefender-download[.]com”) spoofing Bitdefender’s Antivirus for Windows download page to trick visitors into downloading a remote access trojan called Venom RAT. “A malicious campaign…
-
Why data provenance must anchor every CISO’s AI governance strategy
Across the enterprise, artificial intelligence has crept into core functions not through massive digital transformation programs, but through quiet, incremental … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/28/cisos-ai-governance-strategy/
-
Void Blizzard: New Russian Cyberespionage Group Targets NATO and Ukraine
Microsoft Threat Intelligence has identified a cyberespionage campaign by a newly recognized Russia-affiliated actor named Void Blizzard, also… First seen on securityonline.info Jump to article: securityonline.info/void-blizzard-new-russian-cyberespionage-group-targets-nato-and-ukraine/
-
Earth Lamia: China-Linked APT Targets Global Industries with Custom Backdoors
Trend Micro’s latest threat intelligence report uncovers Earth Lamia, a stealthy and evolving China-nexus advanced persistent threat… First seen on securityonline.info Jump to article: securityonline.info/earth-lamia-china-linked-apt-targets-global-industries-with-custom-backdoors/
-
Patched GitLab Duo Flaws Risked Code Leak, Malicious Content
Prompt Injection, HTML Output Rendering Could Be Used for Exploit. Hackers can exploit vulnerabilities in a generative artificial intelligence assistant integrated across GitLab’s DevSecOps platform to manipulate the model’s output, exfiltrate source code and potentially deliver malicious content through the platform’s user interface. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/patched-gitlab-duo-flaws-risked-code-leak-malicious-content-a-28499
-
New Russian state-sponsored APT quickly gains global reach, hitting expansive targets
Laundry Bear, a group recently identified by Dutch intelligence and security services, stole work-related contact details on the Netherlands’ national police force in September 2024, Microsoft researchers said. First seen on cyberscoop.com Jump to article: cyberscoop.com/laundry-bear-void-blizzard-russia-apt/
-
Fake AI Tools Lure Users in Year-Long Malware Campaign
Mandiant Says Malware Spread Through Fake AI Video Ads Seen by Millions. Online scammers are converting excitement over generative artificial intelligence into fraudulent sites that infect victims with malware, says threat intel firm Google Mandiant in a report exposing a year-long campaign to distribute infostealers and backdoors. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fake-ai-tools-lure-users-in-year-long-malware-campaign-a-28494
-
Meta Begins AI Training Using EU Personal Data
German Court Rebuffs Consumer Group Bid for Injunction. Meta can use the public posts of European Instagram and Facebook users to train its artificial intelligence models starting Tuesday after a German court rejected an injunction against the company. The court said Meta has a legitimate interest in processing the data. First seen on govinfosecurity.com Jump…

