OPERATIONENDGAME - SMOKELOADER C&C Server Seized

Authorities have seized the command-and-control (C&C) server used by the notorious SMOKELOADER malware. The operation, named "OPERATIONENDGAME", is a key step in disrupting the activities of the cybercriminals who used the server to run malicious campaigns worldwide.

Details of the Seizure

According to reports from cyberundergroundfeed, the domain potunulit.org, identified as a C&C server…

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

Recent Cyber Threats: CloudScout Toolset and Evasive Panda

Introduction to the Threats

In recent months, a government entity and a religious organization in Taiwan fell victim to a China-linked threat actor known as Evasive Panda. This group used a previously undocumented post-compromise toolset called CloudScout. The breach highlights ongoing concerns about cyber threats targeting organizations…

BeaverTail Malware Strikes Again: Beware of Malicious npm Packages Targeting Developers

In October 2024, three malicious packages were discovered on the npm registry carrying a known malware family called BeaverTail. This JavaScript downloader and information stealer has been linked to an ongoing North Korean campaign known as Contagious Interview. It is important to understand the implications of this malware and how the Datadog Security Research team…

Russian Espionage Group Targets Ukrainian Military with Malware via Telegram

Overview of Russian Espionage Operations in Ukraine

A suspected Russian hybrid espionage and influence operation has been identified targeting the Ukrainian military. This operation is delivering a mix of Windows and Android malware through a Telegram persona called Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking this activity under the name UNC5812….

Cisco Cyber Vision vs. Nozomi Networks: Which Solution Will Protect Your Industrial Networks?

In the world of cybersecurity for operational technology (OT) and the Internet of Things (IoT), Cisco Cyber Vision and Nozomi Networks stand out as two important solutions. Both platforms aim to improve visibility, security and regulatory compliance in industrial networks, but they differ significantly in architecture, deployment, functionality and user experience. In this analysis we take a closer look at each solution, its features, advantages…

Sailing the Seven Seas Securely: OT Access Security for Ships and Cranes

The Impact of Operational Technology Security on Marine Vessel and Port Operators

As operational technology (OT) security evolves, marine vessel and port operators face new challenges. The digitalization and automation of ships and industrial cranes are changing how these entities operate. This shift introduces various security vulnerabilities, making effective OT security crucial. In this blog…

Protect Your Online Identity: How to Spot Phishing Scams and Avoid Falling Victim

Phishing Pages on Webflow: A Growing Threat

Cybersecurity researchers are sounding alarms about a rise in phishing pages created using a website builder tool called Webflow. As cybercriminals increasingly exploit legitimate services like Cloudflare and Microsoft Sway, it's vital to stay informed. The goal of these campaigns is to gather sensitive information from various cryptocurrency…

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

New Attack Technique Bypasses Microsoft's Driver Signature Enforcement

A new attack technique has emerged that can bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems. Because the technique downgrades kernel components on an otherwise up-to-date system, it lets malicious actors load unsigned kernel drivers. As a result, attackers gain the ability to deploy custom rootkits,…
