Daily Cyber Brief
Russia launches a coordinated cyberattack on Montenegro, MuddyWater continues to exploit Log4j against Israeli targets, and the U.S. electrical grid faces foreign and domestic hacking threats...
Cybersecurity
Fake social media accounts linked to the Chinese Communist Party are posting daily attacks on Lynas Rare Earths Ltd., according to the Australian company. Cyber-protection experts say the campaign is targeting US and Australian collaboration on critical mineral supply…
If there's one thing we can't live without in our modern world, it's electricity. It provides heat and light, pumps water and fuel, refrigerates food, and breathes life into our TVs, computers and phones. So it is no surprise the North American electric grid, which creates, moves and…
LockBit ransomware gang announced that it is improving defenses against distributed denial-of-service (DDoS) attacks and working to take the operation to triple extortion level. The gang has recently suffered a DDoS attack, allegedly on behalf of digital security giant Entrust…
The government of the Dominican Republic has said it will not pay a ransomware group that has crippled the IT services of an agrarian institute. The National Cybersecurity Center (CNCS) of the Caribbean nation said it is in the process of helping the Dominican Agrarian…
The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS from customers of Okta identity and access management company. Okta provides its customers with multiple forms of authentication for services, including…
Iran-based threat actor MuddyWater (tracked by Microsoft as MERCURY) has been leveraging the exploitation of Log4j 2 vulnerabilities in SysAid applications to target organizations in Israel. The news comes from a new advisory from Microsoft's security…
Montenegro’s security agency warned Friday that hackers from Russia have launched a massive, coordinated cyberattack against the small nation’s government and its services. The Agency for National Security, or ANB, said Montenegro is “under a hybrid war at the…
Hackers have created a fake 'Cthulhu World' play-to-earn community, including websites, Discord groups, social accounts, and a Medium developer site, to distribute the Raccoon Stealer, AsyncRAT, and RedLine password-stealing malware infections on unsuspecting…
Atlassian has rolled out fixes for a critical security flaw in Bitbucket Server and Data Center that could lead to the execution of malicious code on vulnerable installations. Tracked as CVE-2022-36804 (CVSS score: 9.9), the issue has been characterized as a command injection…
Cybersecurity company Trend Micro is raising the alarm on a new ransomware family called Agenda, which has been used in attacks on organizations in Asia and Africa. Written in the Golang (Go) cross-platform programming language, the threat has the ability to reboot…