Russian Cybercriminal Linked to Ransomware Arrested A Russian cybercriminal wanted in the U.S. for connections to LockBit and Hive ransomware operations has been arrested by law enforcement in Russia. Mikhail Pavlovich Matveev is accused of developing malicious software aimed at encrypting files and demanding ransom for decryption keys. Overview of Ransomware Operations Ransomware attacks have…
Influence Operations Targeting Ukraine: The Role of AI and Social Design Agency A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public opinion against Ukraine and erode Western support since at least December 2023. This campaign, executed by the Social Design Agency (SDA),…
The lines between digital and physical realms increasingly blur, creating both opportunities and challenges for businesses. In our recent webinar, we delved into the topic of the cyber-physical future. This area promises to evolve significantly by 2025. Our discussion centered around key trends, challenges, and opportunities that will shape this evolving landscape. Understanding the Cyber-Physical…
Microsoft Addresses Security Flaws in AI and Cloud Services Microsoft recently took action by addressing four significant security vulnerabilities that affect its artificial intelligence (AI), cloud, enterprise resource planning (ERP), and Partner Center solutions. These flaws have raised concerns, especially one that is actively being exploited in the wild. The vulnerabilities, particularly CVE-2024-49035, which has…
Understanding the Threat: Rockstar 2FA Phishing-as-a-Service Toolkit Cybersecurity researchers have raised alarms about a new phishing threat known as Rockstar 2FA. This phishing-as-a-service (PhaaS) toolkit targets Microsoft 365 users. By using Rockstar 2FA, attackers aim to steal valuable account credentials, even from those who have multi-factor authentication (MFA) enabled. What is Phishing-as-a-Service (PhaaS)? PhaaS is…
U.S. Citizen Sentenced for Spying for China A 59-year-old U.S. citizen from Wesley Chapel, Florida, has been sentenced to four years in prison for conspiring to spy for the People's Republic of China (PRC). The case of Ping Li highlights critical concerns about national security and the risks posed by espionage activities. Background on the…
Security Vulnerabilities in Advantech EKI Wireless Access Points Recently, nearly two dozen significant security vulnerabilities were disclosed in Advantech EKI industrial-grade wireless access point devices. These vulnerabilities pose substantial risks, as they allow unauthenticated remote code execution with root privileges. When exploited, attackers can bypass authentication and execute code, fully compromising the confidentiality and integrity…
Software Supply Chain Attack: A Comprehensive Look at @0xengine/xmlrpc Cybersecurity researchers have uncovered a concerning software supply chain attack within the npm package registry. This vulnerability began with an innocent-looking library, @0xengine/xmlrpc, which was first published on October 2, 2023. This JavaScript-based XML-RPC library initially offered harmless functionality. However, it later added malicious code that…
Understanding Serverless Environments Serverless environments, particularly those utilizing services like AWS Lambda, offer numerous benefits, including scalability and lower operational costs. However, as organizations shift to these models, they encounter significant challenges in securing their applications. This blog post will explore serverless security practices, focusing on two crucial components: log monitoring and static analysis. The…
Understanding GodLoader Malware Campaign Targeting Godot Engine The Godot Engine, a popular open-source game development platform, has been exploited in a recent malware campaign known as GodLoader. Since June 2024, over 17,000 systems have been impacted. Cybercriminals have misused this game engine to execute harmful GDScript code. This code triggers malicious commands, delivering malware to…