While it’s tempting to focus on nation-state attacks as the most interesting cyberactivity from the past year, it would be a mistake to overlook other threats, particularly cybercrime, which impacts more users in the digital ecosystem than nation-state activity. Cybercriminals continue to act as...
Microsoft and Open AI detail how some nation-state actors have started to use large language models to gather intelligence.
A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign "Operation Digital Eye." Article US Indicts, Sancti...
Then September, a successful cyberattack on an unnamed federal agencywas attributed toexploitation of the bug. “It is possible the cyber-actor obtained the credentials from an unpatched agency VPN server by exploiting a known vulnerability – CVE-2019-11510 – in Pulse Secure,” according to CIS...
A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign "Operation Digital Eye." Article US Indicts, Sancti...
Iran-linked threat actor RUBIDIUM has been implicated in the Pay2Key4 and N3tw0rm5 ransomware campaigns that targeted Israel in late 2020 and early 2021. A common element in Iranian nation-state cyberattacks was the targeting of Israeli logistics companies involved in maritime transportation. ...
This is the first post in a four-part series on the NOBELIUM nation-state cyberattack. Microsoft started telling the industry about this extremely advanced cyberattack in December 2020. The NOBELIUM blog series—which mirrors Microsoft’s four-part video series “Decoding NOBELIUM”—...
On some compromised EdgeRouters, we found activity from two significant cybercriminal groups and one nation-state threat actor (Pawn Storm) It is of paramount importance to secure routers and only expose them to incoming internet connections only when it is critical for the business. We provide ...
Health insurance company UnitedHealth Group said it is responding to a cyberattack by a nation-state threat actor impacting the IT systems of its Change Healthcare subsidiary. According to a filing with the SEC last week, UnitedHealth said it found out on Feb. 21 that the actors gained acces...
CSO Executive Sessions: Guardians of the Games - How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO video CSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 2) ...