Russian hacking group Armageddon has upgraded its skills to simultaneously target several thousand Ukrainian government information systems. CERT-UA said the hackers infected Microsoft Office Word to generate 80 to 120 malicious documents within a compromised system to multiply the infection.
Rockwell Automation teamed-up with CISA to find two critical flaws that require immediate attention, citing a novel exploit capability attributed to advanced persistent threat actors known for targeting industrial systems and critical infrastructure.
Russia is mulling a ban on iPhone use by government employees after a suspected American intelligence campaign exploited vulnerabilities in the device to spy on Russian staff. The ban is the latest in a slew of similar measures taken by Moscow against Western tech devices.
Security experts say China-based hackers are "leading their peers in the deployment of zero-days" in the wake of another wide-ranging attack that abused a flaw in Microsoft Outlook and used forged authentication tokens to access email accounts of governments in the United States and Western Europe.
TikTok executives were unable to answer Liberal senator and chair of the committee James Paterson when he questioned them on how many times Australian user data had been accessed by TikTok staff in China, but the executives admitted it had happened.
Diplomats in Ukraine shopping for used cars have been targeted with a listing for a "very good condition, low-fuel consumption" 2011 BMW 5 Series. In reality, the listing was designed to push Russian-built malware onto diplomats' systems, security researchers warned.
Microsoft released the largest set of patches of the year - software updates for 132 vulnerabilities, including six zero-days. Microsoft rated nine of the flaws as having critical severity, 121 as being important and eight as being linked to critical remote code execution vulnerabilities.
The threat actor behind the remote access Trojan called RomCom and other pro-Russian groups are targeting Ukrainian agencies and allies ahead of the NATO Summit this week in Vilnius, Lithuania, using weaponized Microsoft documents and typosquatting techniques to deliver the malware.
The European Commission has officially adopted the EU-U.S. Trans-Atlantic Data Privacy Framework, which will enable the free flow of commercial data between Europe and the United States. The framework will go into effect in December and will be subject to yearly review by the European Commission.
In the latest weekly update, four editors at ISMG discuss highlights from recent ISMG events, the winners and losers in Forrester's first-ever network analysis and visibility rankings, and the ongoing tech trade war between the U.S. and China and its impact on the global supply chain.
This week, Charming Kitten targeted nuclear experts; over 130,000 solar energy monitoring systems are exposed; organizations confirmed a breach due to the MOVEit zero-day; Russian hackers took over a Ukrainian government agency's Facebook page; and a WordPress plug-in gave admin privileges to users.
A Chinese nation-state group is hacking foreign affairs ministries and embassies across Europe, employing a sophisticated HTML-smuggling technique to deliver the insidious PlugX remote access Trojan to compromised systems. The technique raises concern about the security of diplomatic institutions.
Experts believe China's revised Counter-Espionage Law gives the Chinese Communist Party the power to retaliate against Western financial and technological sanctions and also control rising discontent among Chinese citizens. The law went into effect on Saturday.
Russia has relied on blunt-force cyberattacks in Ukraine to inflict maximum damage rather than turning to new techniques. In many cases, Ukrainian defenders are flying blind because Russian wiper malware is designed to evade most security controls, said Mandiant CEO Kevin Mandia.
An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an updated version of the Powerstar backdoor, also known as CharmPower, which takes advantage of a distributed file protocol to distribute customized phishing links.