Daily Cyber Brief
Anonymous launches OpIran and hacks over 300 CCTV cams, ALPHV adds new TTPs to its operation, and a long-running spyware campaign against the Uyghurs has been revealed...

Cybersecurity
Alleged Chinese state-sponsored hackers are behind a barrage of emails that aim to collect intelligence from a range of targets in Tibet, including a pro-independence political party and a prominent media organization, according to findings provided exclusively to Bloomberg...
As Ukrainian forces drive back Russian invaders, a largely unseen cyber war is raging as Moscow looks to regain momentum in the seven-month-old war. Ukrainian leaders who spoke with Newsweek said the country has become a "test ground" for new cyber weapons and…
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs exploited in the wild. This security flaw (CVE-2022-35405) can be exploited…
Australia’s second-largest telecommunications company, Optus, announced Thursday it is “investigating the possible unauthorized access of current and former customers’ information” following a cyberattack. Although the company itself said it could not yet confirm how many…
A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday. The intrusions, originally attributed…
The National Security Administration (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are warning that there are active, known threats to industrial control systems (ICS) and operational technology (OT) that critical infrastructure sectors should be aware of…
Researchers have observed a surge in hacking attempts targeting CVE-2022-24086, a critical Magento 2 vulnerability allowing unauthenticated attackers to execute code on unpatched sites. Magento is an open-source e-commerce platform owned by Adobe, used by…
The ransomware group behind the Colonial Pipeline hack recently added a slate of new tactics, tools, and procedures to its operation, making it even simpler for members to encrypt, steal and sort data. In a report from the Symantec Threat Hunter Team, researchers…
In the wake of the recent Iranian government crackdown on dissent after Mahsa Amini’s death, the international hacktivist group Anonymous has launched a new operation against the country’s online infrastructure. Dubbed OpIran (Operation Iran) by Anonymous…
GitHub is warning of an ongoing phishing campaign that started on September 16 and is targeting its users with emails that impersonate the CircleCI continuous integration and delivery platform. The bogus messages inform recipients that the user terms and privacy…