Daily Cyber Brief
A Chinese APT has surged activity against US targets, Microsoft believes nation-state hackers exploited recent 0-day, and the Mexican president confirms Guacamaya hack...

Cybersecurity
An elite Chinese hacking group with ties to operatives indicted by a US grand jury in 2020 has surged its activity this year, targeting sensitive data held by companies and government agencies in the US and dozens of other countries, according to an expert at consulting giant…
Mexican president Andrés Manuel López Obrador confirmed a widely reported cyberattack on Friday that leaked sensitive documents and emails from several militaries across Central and South America. About two weeks ago, hackers with the environmental collective…
The Vice Society ransomware gang published data and documents Sunday morning that were stolen from the Los Angeles Unified School District during a cyberattack earlier this month. LAUSD superintendent Alberto M. Carvalho confirmed the release of stolen data in a…
The Shangri-La hotel group has said a database containing the personal information of customers at eight of its Asian properties between May and July has been hacked. The breach covered hotels in Hong Kong, Singapore, Chiang Mai, Taipei and Tokyo but the company…
Ever since Russian president Vladimir Putin ordered partial mobilization after facing setbacks on the Ukrainian front, men in Russia and the state's conscript officers are playing a 'cat and mouse' game involving technology and cybercrime services. More specifically…
Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the two newly disclosed zero-day flaws in a limited set of attacks aimed at fewer than 10 organizations globally. "These attacks installed…
A massive trove of emails from Mexico’s Defense Department is among electronic communications taken by a group of hackers from military and police agencies across several Latin American countries, Mexico’s president confirmed Friday. The acknowledgement by…
The United States has failed in a bid to extradite a British citizen who it accused of helping North Korea evade sanctions through cryptocurrency. Christopher Emms, who sought to fight his case in the United Kingdom, had been detained in Saudi Arabia since February, at first in…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed critical flaw impacting Atlassian's Bitbucket Server and Data Center to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as…
The notorious North Korean hacking group 'Lazarus' was seen installing a Windows rootkit that abuses a Dell hardware driver in a Bring Your Own Vulnerable Driver attack. The spear-phishing campaign unfolded in the autumn of 2021, and the confirmed targets include an…