Daily Cyber Brief
Microsoft thwarts Russian cyberespionage, PLAY ransomware hits Argentina's Judiciary of Córdoba, and nearly 1,900 Signal phone numbers were exposed in a hack on Twilio...

Cybersecurity
Microsoft on Monday announced another major disruption of an APT actor believed to be linked to the Russian government, cutting off access to accounts used for pre-attack reconnaissance, phishing, and email harvesting. The threat actor, identified by Microsoft as…
BRP Inc. announced the resumption of operations at some of its sites Monday following a cyber attack that targeted the Ski-Doo maker. On Aug. 9, BRP Inc. announced the temporary suspension of its operations as a result of the attack, which it described as “malicious…
Argentina's Judiciary of Córdoba has shut down its IT systems after suffering a ransomware attack, reportedly at the hands of the new 'Play' ransomware operation. The attack occurred Saturday, August 13th, causing the Judiciary to shut down IT systems and their online portal…
The SOVA Android banking trojan is continuing to be actively developed with upgraded capabilities to target no fewer than 200 mobile applications, including banking apps and crypto exchanges and wallets, up from 90 apps when it started out…
A dozen malicious Python packages were uploaded to the PyPI repository this weekend in a typosquatting attack that performs DDoS attacks on a Counter-Strike 1.6 server. Python Package Index (PyPI) is a repository of open-source software packages that developers can…
Dark web intelligence firm Cyble reports seeing an increase in cyberattacks targeting virtual network computing (VNC). The VNC graphical desktop-sharing system relies on the Remote Frame Buffer (RFB) protocol to provide control of a remote machine over a network…
Phone numbers of close to 1,900 Signal users were exposed in the data breach that cloud communications company Twilio suffered at the beginning of the month. Twilio provides phone number verification services for Signal and last week disclosed that an attacker hacked its…
An injection flaw connected to how macOS handles software updates on the system could allow attackers to access all files on Mac devices. The news comes from Mac security specialist Patrick Wardle who, in a Sector7 blog post (and at the Black Hat conference in Las…
Threat analysts monitoring cyberattacks on Ukraine report that the operations of the notorious Russian state-backed hacking group 'Gamaredon' continue to heavily target the war-torn country. Gamaredon (aka Armageddon or Shuckworm) is a group of Russian hackers…
The threat actor Luckymouse (also known as Emissary Panda, APT27, Bronze Union and Iron Tiger) used a trojanized version of the cross-platform messaging app MiMi to backdoor devices across Windows, macOS and Linux operating systems. The news comes from two…