government-backed attacks
3CX breach linked to previous supply chain compromise
Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now …
3CX compromise: More details about the breach, new PWA app released
3CX has released an interim report about Mandiant’s findings related to the compromise the company suffered last month, which resulted in a supply chain attack targeting …
3CX supply chain attack: What do we know?
Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …
3CX customers targeted via trojanized desktop app
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …
2022 witnessed a drop in exploited zero-days
Malicious threat actors have actively exploited 55 zero-days in 2022 – down from 81 in 2021 – with Microsoft, Google, and Apple products being most targeted. 53 …
Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)
It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …
A glut of wiper malware hits Ukrainian targets
ESET researchers have discovered yet another wiper malware used to target Ukrainian organizations. Dubbed SwiftSlicer, it is thought to be wielded by the Sandworm APT. …
Will cyber saber-rattling drive us to destruction?
As cyberattacks have grown increasingly destructive, nations are entertaining the idea of responding to them with conventional military forces. It is difficult to determine …
The gap between security and privacy, and what it will take to bridge it
In this Help Net Security video, Bill Tolson, VP of eDiscovery & Compliance at Archive360, talks about the biggest and perhaps only question in information governance …
Attackers still exploit Log4Shell on VMware Horizon servers, CISA warns
If your organization is running VMware Horizon and Unified Access Gateway servers and you haven’t implemented the patches or workarounds to fix/mitigate the Log4Shell …
Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid
The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried …
The Cyclops Blink botnet has been disrupted
The US Justice Department has announced that the FBI has disrupted the Cyclops Blink botnet, which they say was under the control of the Sandworm group – a threat actor …