SideWinder’s Nim Backdoor Spells Trouble for South Asian Nations

Summary: SideWinder, also known as Razor Tiger, commenced its offensive operations in 2012 and has recently shifted its focus to targeting Bhutan. It employs deceptive content, ultimately executing the Nim Backdoor. The decoy content utilized in the sample is directly sourced from announcements...

Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions

The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023,...

Navigating the AI security landscape: The federal push for responsible AI adoption

This blog post discusses the U.S. government's commitment to responsible AI through the Executive Order and proposed legislation, outlines key provisions for AI risk management, highlights efforts to strengthen federal AI governance, and emphasizes Coalfire's role in promoting responsible AI...

Four Threat Actors Capitalized on Zimbra Zero Day to Infiltrate Government Organizations

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A zero-day vulnerability identified as CVE-2023-37580 in Zimbra Collaboration email software has been exploited by four different groups in attacks. These attacks aimed to illicitly obtain email data, us...

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups

A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens. "Most of this activity occurred after the initial fix became public on GitHub," Google Threat Analysis Group T...

CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks

The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Multi-State...

CISA Requests Comment on Draft Secure Software Development Attestation Form

CISA has opened a 30-day Federal Register notice to receive public comment on the draft Secure Software Development Attestation Form. CISA developed this form in coordination with the Office of Management and Budget. With the Secure Software Development Attestation Form, federal departments and...

TA402’s Covert Operation Takes Aim at the Middle East

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary TA402 aka Extreme Jackal launched sophisticated phishing campaigns targeting government entities in the Middle East. The objective was to deploy a newly developed initial access downloader called IronWin...

Here’s the Proof There’s No Government Alien Conspiracy Around Roswell

Roswell, New Mexico, remains synonymous with the “discovery” of alien life on Earth—and a US government coverup. But history shows the reality may be far less out of this world—and still fascinating...

Siemens Desigo CC product family

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. "This activity is believed to be part of a long-term espionage campaign," Palo Alto Networks Unit ...

quithq.initiatives.qld.gov.au Cross Site Scripting vulnerability OBB-3777341

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure

US government officials continue to warn that the public and private sectors need to identify and root out China-backed attackers lurking in industrial control systems...

Chinese APT Posing as Cloud Services to Spy on Cambodian Government

By Deeba Ahmed Palo Alto's Unit 42 Reveals Chinese APT Spying on 24 Cambodian Government Entities as Part of Long-Term Cyberespionage. This is a post from HackRead.com Read the original post: Chinese APT Posing as Cloud Services to Spy on Cambodian Government...

SideCopy Leverages Multi-platform RAT, Assaults Indian Government Entities

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A threat actor linked to Pakistan named SideCopy is capitalizing on WinRARs CVE-2023-38831 vulnerability to target Indian government agencies. This security vulnerability facilitates distribution of...

Government Surveillance Reform Act of 2023 Seeks to End Warrantless Police and FBI Spying

The Government Surveillance Reform Act of 2023 pulls from past privacy bills to overhaul how police and the feds access Americans’ data and communications...

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DRat. Enterprise security firm SEQRITE describe...

Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East

A threat actor affiliated with Iran's Ministry of Intelligence and Security MOIS has been observed waging a sophisticated cyber espionage campaign targeting financial, government, military, and telecommunications sectors in the Middle East for at least a year. Israeli cybersecurity firm Check...

lobbyists.integrity.tas.gov.au Cross Site Scripting vulnerability OBB-3771028

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

liquorandgaming.nsw.gov.au Cross Site Scripting vulnerability OBB-3770259

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...