Rapid7 completes IRAP PROTECTED assessment for Insight Platform solutions

Exciting news from Australia! Rapid7 has successfully completed an Information Security Registered Assessors Program IRAP assessment to PROTECTED Level for several of our Insight Platform solutions. What is IRAP? An IRAP assessment is an independent assessment of the implementation,...

New APT Group "CloudSorcerer" Targets Russian Government Entities

A previously undocumented advanced persistent threat APT group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control C2 and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said...

Apple Removes VPN Apps from Russian App Store as Censorship Tightens

Apple removes popular VPNs from Russias App Store following government pressure. This move restricts access to free and…...

CloudSorcerer – A new APT targeting Russian government entities

In May 2024, we discovered a new advanced persistent threat APT targeting Russian government entities that we dubbed CloudSorcerer. Its a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud...

Apple Removes VPN Apps from Russian App Store Amid Government Pressure

Apple removed a number of virtual private network VPN apps in Russia from its App Store on July 4, 2024, following a request by Russia's state communications watchdog Roskomnadzor, Russian news media reported. This includes the mobile apps of 25 VPN service providers, including Hidemy.name VPN, L...

ww10.ceara.gov.br Cross Site Scripting vulnerability OBB-3941256

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-39482

creationtimestamp| type| source ---|---|--- 2024-07-05 09:34:10+00:00| seen| https://t.me/cvedetector/84 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07 2025-12-03 14:14:49+00:00| seen|...

Upcoming Book on AI and Democracy

If youve been reading my blog, youve noticed that I have written a lot about AI and democracy, mostly with my co-author Nathan Sanders. I am pleased to announce that were writing a book on the topic. This isnt a book about deep fakes, or misinformation. This is a book about what happens when AI...

3 New State-Backed Gangs Target Govt Sectors with HEAT Attack Methods

Global cyber gangs are evolving rapidly, wielding advanced techniques and enjoying state sponsorship. Menlo Security’s latest report exposes…...

Busted for book club? Why cops want to see what you’re reading, with Sarah Lamdan (Lock and Code S05E14)

This week on the Lock and Code podcast… More than 20 years ago, a law that the United States would eventually use to justify the warrantless collection of Americans phone call records actually started out as a warning sign against an entirely different target: Libraries. Not two months after...

CapraRAT Spyware Disguised as Popular Apps Threatens Android Users

The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion...

SneakyChef Group Hits Governments Using SugarGh0st and SpiceRAT

...

jobseekers.bahamas.gov.bs Cross Site Scripting vulnerability OBB-3939602

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Chinese Espionage Group “ChamelGang” Uses Attacks for Disruption and Data Theft

Beware! Chinese cyberespionage group ChamelGang targets critical infrastructure like aviation and government systems. SentinelOne report reveals potential attacks across Asia. Learn more about ChamelGang's cyberespionage activities...

Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware

Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world between 2021 and 2023. While one cluster of activity has been associated with the ChamelGang aka CamoFei,...

RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations

A likely China-linked state-sponsored threat actor has been linked to a cyber espionage campaign targeting government, academic, technology, and diplomatic organizations in Taiwan between November 2023 and April 2024. Recorded Future's Insikt Group is tracking the activity under the name...

Examining the US Government’s DDoS Protection Guidance Update

In March 2024, CISA, MS-ISAC, and the FBI released updated DDoS response guidance. The document outlines key strategies and 15 steps for mitigating DDoS attacks, emphasizing the need for continuous monitoring and collaboration between government and private sectors...

ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor

Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang,"...

Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign

A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA Europe, Middle East, and Africa with SugarGh0st malware since at least August 2023. "SneakyChef uses lures that are...

Unveiling SpiceRAT: SneakyChef's latest tool targeting EMEA and Asia

Cisco Talos discovered a new remote access trojan RAT dubbed SpiceRAT, used by the threat actor SneakyChef in a recent campaign targeting government agencies in EMEA and Asia. We observed that SneakyChef launched a phishing campaign, sending emails delivering SugarGh0st and SpiceRAT with the same...