Nation-state espionage units continue to prioritise Russia gathering intelligence on its military and political strategies
Our reporting this week demonstrated that nation-state espionage units continue to prioritise Russia as a target to gather intelligence on its military and political strategies [ ... More Here > ]
Hack-for-hire group Knotweed utilise Windows and Adobe zero-day exploits to compromise European and Central American entities
Our reporting this week focuses on the use of third-party spyware tools and groups in cyber operations. For instance, we reported on a hack-for-hire group, [ ... More Here > ]
Russian state unit APT29 launches multiple phishing campaigns targeting western diplomatic organisations
Our reporting this week highlights Russian nation-state adversaries persistently targeting Ukrainian and Western government entities. This week, we reported that the Russian state unit APT29 [ ... More Here > ]
Phishing campaign targets 10,000 entities utilising adversary-in-the-middle techniques
Our reporting this week demonstrates how cybercriminals are continually developing their tradecraft to produce more effective phishing campaigns. One example included a phishing campaign that [ ... More Here > ]
Cookie based business email compromise in M365
Updated 18/07/2022 with comments from Technical Director Ade Taylor. The situation Microsoft security researchers have discovered an active exploit which allows malicious actors to bypass [ ... More Here > ]
Russian hacktivist group targets countries that actively support Ukraine or oppose Russia
The reporting this week highlights continued activity by Russian hacktivists related to the conflict in Ukraine. The latest incident saw pro-Russia hacktivist group XakNet Team [ ... More Here > ]
Continued activity from data leak extortion group RansomHouse as AMD become latest target
Our selection of key intelligence reports focus on the data leak extortion group RansomHouse’s continued activity. This week, RansomHouse compromised Advanced Micro Devices (AMD), an [ ... More Here > ]
Chinese espionage group demonstrate continued state-level interest in political and military intelligence with widespread campaigns
The reporting this week focuses on widespread campaigns conducted by a Chinese espionage group which demonstrate China’s capabilities and continued interest in state-level political and [ ... More Here > ]
Linux systems continue to be a target of ransomware and botnet campaigns
The reporting this week focuses on further campaigns targeting Linux systems, which has become a more attractive target for threat actors with the increase in [ ... More Here > ]
Continued exploitation of “Follina” vulnerability by cybercriminals and nation-state actors
Our selection of key IntReps this week illustrates the impact of the CVE-2022-30190 vulnerability (also known as Follina) on the threat landscape. An unnamed nation-state [ ... More Here > ]
New Microsoft Office zero-day vulnerability “Follina” observed in the wild
Our selection of key Intelligence Reports this week focuses on existence of critical vulnerabilities affecting several Microsoft Office versions and Atlassian’s Confluence software instances. The [ ... More Here > ]
Indian airline experiences severe disruption following ransomware incident
Our selection of key intelligence reports this week reiterates the value of personally identifiable information for threat actors and serves as a reminder for companies [ ... More Here > ]