Month: December 2023

The UK has signed a pledge with nine other countries to formalise the Tallinn Mechanism to coordinate and facilitate civilian cyber capacity building to help Ukraine uphold its fundamental right to self-defence in cyber space, and address longer-term cyber resilience needs. The UK joins Canada, Denmark, Estonia, France, Germany, The […]

December 11th saw some rumours online that the dark web blog & leak site of the AlphaV / Blackcat ransomware gang had been taken offline by law enforcement. Checking the Tor site resulted in a timeout, indicating that the site was indeed out of action. The X.com account @vxunderground shared […]

Rhysida, the ransomware gang behind the recent attack against the British Library has just published approx. 1.7 Tb of data they stole from Insomniac games. The gang announced they had compromised the Sony-owned games company just over a week ago and had offered the 1.3 million file cache for a […]

MongoDB, the company behind the same-titled cross-platform document management platform confirmed on Saturday that they had been the victim on a security breach which has exposed customer data. In a security notice posted on Saturday morning, the company announced that they had detected unauthorised access to certain MongoDB corporate systems […]

SentinelLabs, Microsoft, and PwC threat intelligence researchers have provided attribution-relevant information on the relatively unknown Sandman APT. The report which was released on the 11th December details a link between the Sandman APT and Chinese threat actors who use the KEYPLUG backdoor. The Chinese threat actor is tracked by Microsoft as STORM-0866/Red […]

Multiple threat actors including ransomware operators and initial access brokers have started to abuse GoogleAds in a new way and it is really hard to spot how they do it. Whats the problem? When you search for something via Google search, the top couple of links are typically adverts, or […]

A joint cybersecurity advisory has been released by the FBI, CISA, NSA, SKW, CERT.PL, and NCSC-UK which covers the Russian Foreign Intelligence Service (SVR) actively exploiting a vulnerability in the TeamCity software collaboration tool. The advisory which was released on Wednesday (13th) details the activities conducted by the SVR – […]

NXP, the Europes 2nd largest semiconductor company has been compromised by Chinese threat actors for over 2 years according to Fox-IT security. NXP is Europe’s second-biggest semiconductor company behind ASML and the world’s 18th largest chipmaker by market capitalisation. The companies chips are used in iPhones and Apple watches to […]

Members of the Chinese Peoples’ Liberation Army (PLA) have been accused by U.S. Government officials of accessing critical US networks in an attempt to preposition themselves to sow chaos in the US if tensions between China and Taiwan escalate in the next few years. The IT and OT networks of […]

Spanish police say they they conducted a raid in the city of Alicante on Sunday and arrested a Venezuelan national for his alleged involvement in the Kelvin Security hacking group. The unnamed suspect (although thought to be Kelvin Para) was charged with crimes related to belonging to a criminal organisation, […]