News

Google names 97 observed zero-day vulnerabilities
B2B Cyber Security ShortNews

There are many zero-day vulnerabilities, but not all of them are widely exploited. Google and Mandiant observed 97 zero-day vulnerabilities that were heavily exploited - an increase of 50 percent compared to the previous year. Google and Mandiant released a new study that observed 97 zero-day vulnerabilities exploited in the wild in 2023. That's over 50 percent more than in 2022 (62 vulnerabilities), but less than the record-breaking 106 vulnerabilities exploited in 2021. TAG and Mandiant were responsible for the original discovery of 29 of these…

Dinner with APT29
B2B Cyber Security ShortNews

In late February 2024, Mandiant identified a phishing campaign by APT29 – a Russian Federation-backed threat group linked by multiple governments to the Russian Foreign Intelligence Service (SVR) – targeting German political parties. Consistent with APT29 operations dating back to 2021, this operation leveraged APT29's main ROOTSAW (also known as EnvyScout) payload to deliver a new backdoor variant known as WINELOADER. This activity represents a departure from APT29's typical targeting of governments, foreign embassies and other…

COSMICENERGY: OT malware is designed to cause power outages
B2B Cyber Security ShortNews

Mandiant is reporting a new specialized Operational Technology (OT) malware, observed under the name COSMICENERGY. The malware targets remote terminal units (RTUs) and could cause power outages. According to Mandiant, COSMICENERGY is designed to cause power outages by interacting with remote terminal units (RTUs), which are commonly used for power transmission and distribution in Europe, Asia and the Middle East.

European power distributors at risk

Mandiant suspects that a contractor of the Russian cybersecurity firm Rostelecom-Solar may have developed the malware as part of a red teaming tool to simulate power outages.

ALPHV ransomware targets old Veritas backup vulnerabilities

According to Mandiant, a ransomware affiliate of ALPHV is increasingly looking for old vulnerabilities in Veritas backup installations. The vulnerabilities have been known since 2021 – but many installations have still not been patched. Over 8,500 backup instances are currently believed to be reachable on the web. Mandiant has observed a new ALPHV ransomware (a.k.a. BlackCat ransomware) affiliate, tracked as UNC4466, targeting public-facing Veritas Backup Exec installations that are vulnerable to CVE-2021-27876, CVE-2021-27877 and CVE-2021-27878. These CVEs have been known since March 2021 and patches are available. However, some administrators have the…

KRITIS: Outlook zero-day vulnerability exploited for months
B2B Cyber Security ShortNews

Mandiant experts believe that the Outlook zero-day vulnerability (CVE-2023-23397) has been used in attacks on organizations and critical infrastructure (KRITIS) for almost 12 months and was also used by Russian actors in attacks on Ukraine. Mandiant has tracked and documented early exploitation of the vulnerability under the tentative group name UNC4697. The attacks have now been publicly attributed to APT28, a Russian actor associated with the GRU intelligence service. The vulnerability has been exploited against government agencies, logistics companies, oil and gas operators, defense contractors, and the transport industry in Poland, Ukraine, Romania, and Turkey since April 2022. Outlook vulnerability…

Chinese cyber attackers target zero-day vulnerabilities
B2B Cyber Security ShortNews

Newly discovered zero-day vulnerabilities are often exploited by individual APT groups. According to Mandiant, Chinese cyberattackers are targeting more and more zero-day vulnerabilities. The report documents the role of the groups and the vulnerabilities exploited. Mandiant's new Fortinet vulnerability report reveals that routers and internet-connected devices on corporate networks are inadequately protected against cyberattacks. There are simply not enough tools to protect these systems.

Chinese spies at work

Suspected Chinese spies exploited a zero-day vulnerability with a new type of malware designed specifically for network security devices. Even devices used by government and…

Cyber Security decisions without background knowledge

According to a survey, organizations in Germany lack background knowledge about the different hacker groups and their procedures. Making use of existing threat intelligence is a challenge in many organizations. Mandiant's Global Perceptions on Threat Intelligence report provides insight into how organizations are addressing the increasingly complex threat landscape. The report is based on a global survey of 1,350 cybersecurity decision-makers in 13 countries, including 100 in Germany, and 18 industries, including financial services, healthcare and government agencies. 40 percent of respondents from organizations in Germany stated that their organization in the…

APT Group Lazarus: North Korea captured $630 million

According to a UN expert report, North Korea was able to capture a record amount of money in 2022 through cyber attacks by the APT group Lazarus. North Korean cybercriminals are believed to have stolen at least $630 million. The sanctioned country uses the money mainly to finance its nuclear and missile programs. The state group Lazarus, among others, is held responsible for the cyber attacks. In public reporting, the Lazarus Group is often used as a generic term for numerous North Korean cyber actors. A blog post by Mandiant provides detailed insights into the various institutions within the hermit state and helps to understand how...

Commentary on current cyber attacks
B2B Cyber Security ShortNews

After the decision in Berlin to send Leopard 2 tanks to Ukraine, numerous German websites were paralyzed by cyber attacks. The pro-Russian self-proclaimed hacktivist group KillNet claimed responsibility for the attacks. “This type of response in cyberspace comes as no surprise; it is to be expected. For years, Mandiant has tracked several self-proclaimed hacktivist groups that support Russian interests or act out of a perceived patriotic duty. We believe with moderate confidence that the KillNet and XakNet groups have historically coordinated some of their activities directly and have ties to the GRU. These groups…

Cyber Security Forecast 2023

Mandiant, part of Google Cloud, releases its Cyber Security Forecast for 2023. The forecasts are based on developments that experts on the cyber frontline have observed over the past few months and which they believe will also shape the coming year. According to the experts, in 2023 Europe will focus primarily on cyber operations in connection with the energy crisis and the Russian war of aggression, as well as ransomware attacks and the threat from the "Big Four" Iran, Russia, North Korea and China.

Cyber Security Forecast 2023: Forecasts for EMEA

Russia expands its targets in…