Uncategorized

Microsoft has seized a number of malicious sites which were targeting organisations based in 29  countries worldwide. The sites were used by the Nickle hacking group. Nickle is a China-based group also tracked as Playful Dragon, Royal APT, APT15, KE3CHANG and Vixen Panda. The group compromised serves belonging to diplomatic entities, government organisations and NGOs based in 29 countries, but mainly organizations from Latin America and Europe. Microsoft's Digital Crimes Unit (DCU) spotted the group...

Earlier this week, Nordic Choice Hotels announced an attack on its IT systems, which they believed to be a "computer virus". It has now been confirmed that they were, in fact, hit by Conti ransomware, which has affected the hotel's guest reservation and room key card systems. Fortunately, there is no indications that passwords or payment information was affected or accessed, however guest booking information was potentially leaked. As a result of the attack, hotel...

Dragos, Inc one of the world’s top ICS security vendors has just announced it has raised a record-breaking $200 million in Series D funding at a valuation of $1.7 billion. The investments is the largest funding round and the highest valuation achieved by an OT cybersecurity company. It will help accelerate the company’s global expansion, with Dragos recently announcing new plans to grow the company within the UK’s industrial market. The funding round was led...

Armis, the leading unified asset visibility and security platform provider, has announced the appointment of B2B SaaS veteran Conor Coughlan as their new Chief Advocacy Officer (CAO) and General Manager for EMEA. Coughlan will be responsible globally for the establishment and operation of their new advocacy programs and strategically accelerating their expansion across the EMEA region. Conor now joins their executive management team and will actively collaborate with his peers in Sales, Marketing, Strategy, Finance, HR, CSM...

Researchers at cybersecurity vendor Upguard have discovered multiple data leaks resulting from Microsoft Power Apps portals configured to allow public access - a new vector of data exposure. The types of data exposed varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee IDs, and millions of names and email addresses. UpGuard notified 47 entities of exposures involving personal information, including governmental bodies like...

Armis has announced its official participation in MITRE Engenuity’s initial round of ATT&CK® Evaluations for industrial control systems (ICS). In these tests, MITRE Engenuity used the MITRE ATT&CK® knowledge base to emulate the tactics and techniques used in the TRITON malware attack against a petrochemical facility in Saudi Arabia. This malware was used to interact with Triconex Safety Instrumented Systems (SIS) and represents the first publicly reported incident demonstrating a targeted attack with a known...

In a speech on Wednesday, the U.S. President, Joe Biden told the Russian President, that 16 sectors of critical infrastructure should be "off-limits" to attacks, specifically cyberattacks. Unfortunately, analysts believe his efforts to be futile. Robert Golladay, the EMEA and APAC director at Illusive claims that "the fact that one of the leaders of the free world stood up to discuss Ransomware on a global stage is significative. We are in the middle of a...

On Tuesday the internet service provider Belnet fell victim to a cyberattack. The attack took place at 11:00am CEST when the company experienced a distributed denial of service (DDoS) attack. This resulted in Belnet's servers being overloaded and preventing any availability of their online services. The attack affected any website with .be domains. As a number of Belgium's government agencies are customers of Belnet, they too were affected by the attack. The incident affected Belgium's...

Capcom has released the final update on their investigation into the major ransomware attack they suffered last year. The investigation has found that the attackers accessed the company through an outdated VPN device. Through this avenue, the attackers were able to access the companies network, as well as any compromised devices in the network. The attack took place in November 2020, when Capcom was targeted by the Ragnar Locker ransomware. The attack resulted in Capcom...

The FBI has been removing web shells from compromised Microsoft Exchange serves following court authorisation. However, owners of the Microsoft Exchange servers were never informed or able to approve of the FBI's actions. In February, the hacking group HAFIUM exploited several vulnerabilities in Microsoft Exchange's servers. The group installed web shells in compromised Exchange servers which allowed them to remotely access the servers. Following the attack, Microsoft released a security update that patched the exploited...