Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client…
FIN7 hackers launch deepfake nude “generator” sites to spread malware
The notorious APT hacking group known as FIN7 launched a network of fake AI-powered deepnude generator sites to infect visitors with…
Iran Threatens Israel’s Critical Infrastructure With ‘Polonium’ Proxy
Cyber mimics life, as Iran uses Lebanese hackers to attack its bête noire.
Cactus ransomware exploiting Qlik Sense flaws to breach networks
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks.…
Researchers Develop Exploit Code for Critical Fortinet VPN Bug
Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates…
New Cactus ransomware encrypts itself to evade antivirus
A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of "large…
Bluebottle Continues Bank Heist Assault With Signed Malware
The financially motivated threat group, also known as OPERA1ER, demonstrated an evolution in tactics in its compromise of three Francophone…
Microsoft Disables Iran-Linked Lebanese Hacking Group Polonium
The attack on Israeli organizations is the latest in a long line of attempts to compromise supply chains, as the…
Microsoft blocks Polonium hackers from using OneDrive in attacks
Microsoft said it blocked a Lebanon-based hacking group it tracks as Polonium from using the OneDrive cloud storage platform for data exfiltration and command…
Iran-linked APT groups continue to evolve
The researchers at Microsoft Threat Intelligence Center (MSTIC) are warning of increasingly sophisticated operations carried out by Iranian […] The…