U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon

The U.S. Treasury Department's Office of Foreign Assets Control OFAC has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. "People's Republic of China-linked...

Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns

The Russia-based actor is targeting organizations and individuals in the UK and other geographical areas of interest. OVERVIEW The Russia-based actor Star Blizzard formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie continues to successfully use...

BlackTech: China-Linked Cyber Actors Exploit Router Firmware

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary BlackTech, a Peoples Republic of China PRC-linked cyber actor group, poses a significant threat by modifying router firmware and targeting diverse sectors, highlighting the need for enhanced cybersecurity...

This Week in Security News - February 18, 2022

SMS PVA services' use of infected Android phones reveals flaws in SMS verification, and 'Russian state-sponsored cyber actors' cited in hacks of U.S. defense contractors...

Iran-Based Threat Actor Exploits VPN Vulnerabilities

The Cybersecurity Security and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a Joint Cybersecurity Advisory on an Iran-based malicious cyber actor targeting several U.S. federal agencies and other U.S.-based networks. This Advisory analyzes the thre...

Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails

Summary The Cybersecurity and Infrastructure Security Agency CISA is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration SBA COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that th...

ACSC Releases Advisory on Cyber Campaign using Copy-Paste Compromises

The Australian Cyber Security Centre ACSC has released an advisory regarding an ongoing cyber campaign involving “copy-paste compromises” targeting Australian government and commercial networks. According to the advisory, a sophisticated malicious cyber actor is carrying out the campaign using...