Many nation-state-backed attacks are intended to destabilize the US government, not steal from it. We’re hearing more and more about cyber-espionage activity launched by nation-states, but this doesn’t necessarily mean these cyberattacks, hacks, and disinformation campaigns are happening more often. Cyber-enabled operations by criminals, nation-states, and curious dilettantes have been constants that are increasingly reported, examined, and weaponized. Furthermore, reports…
Those behind the widespread intrusion into government and corporate networks exploited seams in U.S. defenses and gave away nothing to American monitoring of their systems. Read More…
The broad Russian espionage attack on the U.S. government and private companies, underway since spring and detected only a few weeks ago, is among the greatest intelligence failures of modern times. Read More…
Multiple security professionals said stolen credentials on Exploit.in were part of a tidal wave of business email compromise attacks. Read More.
With stolen credentials an easy find online, what are some measures to put in place to keep hackers from breaking into secure accounts? Read More…
Vigilante wishes to highlight a threat actor or threat actor group on an exclusive Russian-language Dark Web forum that is currently advertising the Ransomware-as-a-Service (RaaS) known as “Smaug”. Although this type service is not entirely new, the Smaug RaaS platform is a particularly attractive option for lower-tier or unskilled cyber criminals to enter the Ransomware threat space, increasing the proliferation…
Vigilante wishes to highlight two more ransomware groups that have adopted the Maze Team model of extorting their victims to pay: NetWalker and Ako. Under the Maze model, once the group has the victim’s data in its possession, it demands two separate ransoms; the first ransom amount is for providing a decryption key and the second is to delete all the data they copied and exfiltrated before locking up the victims’ files.
Vigilante warns that over the last few weeks threat actor group Maze Team is claiming to have attacked at least two insurance companies with ransomware and may be eyeing additional insurance industry victims.
During this extended period of social distancing filled with increased online activity, I can’t help but reflect on all the user data that has been created, stored, hacked, exposed, bought, shared and sold over the last 10 years. Read more here or Link to published article
Prolific hacktivist group, Ghost Squad Hackers—also known as “GSH”— announced several new hacks of various government-affiliated sites and servers in a probable attempt to undermine public confidence in government at a time of universal unease due to the COVID-19 pandemic.