Threats | KITEFALL

Hacking Democracy: Russia’s Digital War on German and European Elections 2025-04-03 23:18 Vsquare Russia’s disinformation machine didn’t just meddle in Germany’s 2025 elections — it built an entire fake media ecosystem to do it. Through a network of over 100 bogus news sites and psychological operations like Storm-1516, the Kremlin sowed chaos, …
New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows 2025-04-03 00:24 Security Affairs New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. The threat actor FIN7, also known as …
Optimise organisational armour, focus less on soft underbelly of the organisation 2025-04-02 15:26 ITWeb Luke Cifarelli, Cymulate. Advanced exposure management, enhanced with AI and automation, enables organisations to cut complexity and alleviate cyber security mitigation workloads, while continuously improving their cyber security posture. This is according …
Malware in Lisp? Now you're just being cruel 2025-03-29 12:32 The Register Malware authors looking to evade analysis are turning to less popular programming languages like Delphi or Haskell. Computer scientists affiliated with the University of Piraeus and Athena Research Center in Greece and Delft University of Technology in the …
PERSPECTIVE: 25 Years of Evolving Information Sharing Into Actionable Intelligence 2025-03-21 21:26 Homeland Security Today The IT-ISAC is celebrating its 25th Anniversary this year. This has caused me to reflect on the new challenges we continue to face as a cybersecurity community. When I first joined the IT-ISAC in 2005, a leader of another ISAC (information sharing and …
FBI Warned of Cyber Threats Last Year 2025-03-21 14:46 Texas Border Business The Federal Bureau of Investigation (FBI) repeatedly warned the public throughout 2024 about an escalating wave of cyber threats. Image for illustration purposesTexas Border Business Texas Border Business The Federal Bureau of Investigation (FBI) …
CLEO Delivers Commercial Development Milestone 2025-03-19 00:32 Investing News Network - Amgen (NASDAQ:AMGN) today announced new data from the Phase 3, registrational MINT trial evaluating the efficacy and safety of UPLIZNA ® (inebilizumab-cdon) in adults living with generalized myasthenia gravis (gMG). The results demonstrated durable and …
“My Vas Pokhoronim!” 2025-03-18 13:10 Security Boulevard On November 18, 1956, Soviet leader Nikita Khrushchev met with Western ambassadors at a reception at the Polish Embassy on Klimashkina Street in Moscow. He told the assembled ambassadors, “Whether you like it or not, history is on our side. We will bury …
What is an APT and how are they tracked? 2025-03-17 13:21 IT Pro Advanced persistent threat (APT) is a term used to describe a sophisticated cyber attack, campaign of cyber attacks, or threat group behind these attacks looking to establish long-term persistence on a target network. Breaking the acronym down, advanced …
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches 2025-03-17 10:22 Cyber Security News Welcome to this week’s Cybersecurity Newsletter, where we provide you with the latest updates and essential insights from the rapidly changing field of cybersecurity. Staying informed is crucial in today’s fast-paced digital environment. Our goal is to …
Blind Eagle Attacking Organizations With Weaponized .url Files To Extract User Hash 2025-03-13 17:40 Cyber Security News The cybersecurity landscape has witnessed a concerning development as the threat actor group known as Blind Eagle (also tracked as APT-C-36) has launched a sophisticated campaign targeting organizations primarily in South America with a novel attack vector …
Blind Eagle Targets Organizations with Weaponized .URL Files to Steal User Hashes 2025-03-13 17:32 GBHackers In a significant development in the cybersecurity landscape, APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting Colombian governmental, financial, and critical infrastructure organizations. Active since 2018, this …
Fully Undetected Anubis Malware Enables Hackers to Execute Remote Commands 2025-03-12 15:45 GBHackers A recent alert has highlighted the emergence of the AnubisBackdoor, a Python-based backdoor attributed to the Savage Ladybug group, which is reportedly linked to the notorious FIN7 cybercrime gang. This malware is designed to provide remote access, execute …
Blind Eagle Hackers Leveraging Google Drive, Dropbox & GitHub To Bypass Security Defenses 2025-03-11 23:37 Cyber Security News A series of ongoing, targeted cyber campaigns by Blind Eagle (APT-C-36), one of Latin America’s most dangerous threat actors primarily targeting Colombia’s justice system, government institutions, and private organizations were recently unveiled by Check …
Blind Eagle Targets Colombian Government with Malicious .url Files 2025-03-11 20:54 Infosecurity Magazine A new cyber-threat campaign targeting Colombian government institutions and organizations since November 2024 has been linked to the threat group Blind Eagle, also known as APT-C-36. The attackers have been distributing malicious .url files that mimic the …
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks 2025-03-11 18:03 The Hacker News The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government …
1,600 Victims Hit by South American APT’s Malware 2025-03-11 15:30 SecurityWeek A South American cyberespionage group has delivered malware to over 1,600 victims in Colombia in a recent campaign, Check Point reports. Tracked as Blind Eagle and APT-C-36, and active since 2018, the advanced persistent threat (APT) actor is known for …
Blind Eagle Hackers Exploit Google Drive, Dropbox & GitHub to Evade Security Measures 2025-03-11 14:09 GBHackers In a recent cyber campaign, the notorious threat actor group Blind Eagle, also known as APT-C-36, has been leveraging trusted cloud platforms like Google Drive, Dropbox, GitHub, and Bitbucket to distribute malware and evade traditional security defenses. …
APT 'Blind Eagle' Targets Colombian Government 2025-03-10 19:38 Dark Reading Check Point Research has observed a threat actor "long suspected" to originate from South America targeting Colombian institutions and government entities in a series of cyberattacks. That's according to research published on March 10 …
Rapid7’s Chief Scientist Warns Australian Businesses to Prioritise their Ransomware Policies 2025-03-07 00:53 iTWire Australian companies need to establish clear ransomware policies and improve their understanding of their attack surface to enhance their cyber security, says a visiting global expert. Raj Samani, the Chief Scientist at NASDAQ listed cyber security giant …
Hackers exploit botnet to attack Microsoft 365 accounts 2025-03-06 22:10 SecurityBrief A newly identified botnet comprising over 130,000 compromised devices is systematically targeting Microsoft 365 accounts using password spraying attacks, according to findings from cybersecurity firm SecurityScorecard. The attacks exploit Non-Interactive …
'Crafty Camel' APT Targets Aviation, OT With Polygot Files 2025-03-06 12:35 Dark Reading A sophisticated advanced persistent threat (APT) that's likely aligned with Iran has been deploying a convincing business email compromise (BEC) attack to deliver two-faced polyglot files, which quietly dropped a simple but diligently concealed …
Suspected Iran-backed hackers target UAE with newly discovered 'Sosano' malware 2025-03-04 23:10 The Record A relatively unknown threat actor targeted several organizations in the United Arab Emirates, — including those involved in aviation, satellite communications and critical transportation infrastructure — with a newly discovered backdoor that researchers …
What is Identity Attack Surface Management (IASM) 2025-03-04 06:40 Security Boulevard Organizations rely heavily on digital identities for access and authorization. This reliance has led to a significant increase in identity-based attacks, making it crucial for organizations to prioritize identity security. Identity Attack Surface …
U.S. Halts Cyber Operations Targeting Russia 2025-03-04 02:47 Cyber Security News The United States has paused offensive cyber operations against Russia under an order from Defense Secretary Pete Hegseth, causing debates over geopolitical strategy and domestic cybersecurity priorities. While U.S. Cyber Command—a Unified Combatant …
Russia’s Evolving Strategy to Undermine the West: From Soviet Terror to Cyberwar 2025-03-01 15:33 Kyiv Post In the 1970s and 1980s, Soviet-backed terrorists carried out attacks across Europe that left civilians both horrified, puzzled, and asking, “Why commit terrorism if no one understands why you are doing it?” Terrorism, by definition, has an ideological …
CrowdStrike enhances identity security for hybrid clouds 2025-02-27 06:55 SecurityBrief CrowdStrike has announced that its Falcon Cloud Security for Microsoft Entra ID is now generally available, providing enhanced security measures for government entities working in GovCloud environments. The Falcon platform is designed to unify real-time …
Top 12 Must-Watch Anime for Bleach Fans Seeking Intense Battles and Supernatural Thrills 2025-02-27 02:57 OtakuKart Enjoying a shonen anime is one thing, but truly appreciating the intricate designs, gripping narratives, and well-crafted combat is another. Bleach masters all these aspects, making it a standout in the genre. The series follows Ichigo Kurosaki, an …
CrowdStrike launches Falcon Identity Protection for Microsoft Entra ID 2025-02-27 02:35 ETCIO Southeast Asia CrowdStrike today announced the general availability of CrowdStrike Falcon Identity Protection for Microsoft Entra ID, setting a new standard in identity security by unifying prevention, detection and response to identity-based attacks across hybrid …
Massive botnet targets Microsoft 365 with stealth attacks 2025-02-25 22:15 IT Brief - New Zealand A newly discovered botnet comprising over 130,000 compromised devices is systematically targeting Microsoft 365 accounts using password spraying attacks, according to a report by SecurityScorecard's STRIKE Threat Intelligence team. The report …
Final Fantasy 7 Remake Part 3's Weapon Bosses Could Find a Muse in FF16 2025-02-25 02:45 Game Rant Summary Final Fantasy 7 Remake Part 3 will feature the famously tough Weapon bosses. FF16's Eikons can inspire the design of the Weapons to create challenging and cinematic battles in Remake Part 3. Square Enix could potentially rework and iterate on …
Massive botnet hits Microsoft 365 accounts 2025-02-24 16:34 Help Net Security A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security researchers at SecurityScorecard are examining possible connections to China-affiliated …
Hackers are after your lab’s IP and this CEO says AI attacks set to soar 2025-02-24 06:40 R&D Magazine Keanu Reeves as Neo in The Matrix Reloaded (2003) dodges digital threats [Image licensed from ALAMY] In an iconic scene from The Matrix (1999), Neo sits wired to a training chair, eyes closed, as decades of martial arts expertise—jujitsu, kempo, taekwondo, …
Adversary-in-the-Middle Hackers Exploit Vulnerabilities to Deploy Advanced Malware 2025-02-21 18:07 GBHackers Cybercriminals are increasingly leveraging sophisticated Adversary-in-the-Middle (AiTM) phishing techniques, enabled by the rise of Phishing-as-a-Service (PhaaS) ecosystems. These operations target financial institutions globally, bypassing multi-factor …
Cyber Threat Actors Leveraging Exploits To Attack Financial Sector With Advanced Malware 2025-02-21 15:49 Cyber Security News The financial sector remains a prime target for cybercriminals and state-sponsored groups, with 2024 witnessing a surge in sophisticated attacks exploiting zero-day vulnerabilities, supply chain weaknesses, and advanced malware. Threat actors are …
NailaoLocker ransomware targets EU healthcare-related entities 2025-02-20 23:51 Security Affairs NailaoLocker ransomware targets EU healthcare-related entities NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024. Orange Cyberdefense CERT uncovered a malware campaign, tracked as The Green …
'I expect a lot of people will hate it': PUBG creator Brendan Greene doesn't care if his new game is too hard for players to handle as long as it 'elicits a reaction' 2025-02-20 17:28 PC Gamer Survival games aren't known to be easy; that's kind of the whole point, especially when you often find yourself in remote, unforgiving locations where you need to keep fed, hydrated, and protected from the elements and maybe some hostile mobs. But …
Ukrainian Signal Users Fall to Russian Social Engineering 2025-02-19 11:28 Bank Information Security - New Jersey Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Google Expects Tactics to Spread; Global Targets and Other Services at Risk Akshaya Asokan (asokan_akshaya) • February 19, 2025 Image: Shutterstock Russian nation-state hackers …
‘Girls On Wire’ Review: Vivian Qu’s Genre Hybrid Is A Surprisingly Gritty Study Of Chinese Lives In The Margins – Berlin Film Festival 2025-02-18 22:16 Deadline Lives are literally on the line in Vivian Qu’s genre hybrid Girls on Wire, a surprisingly gritty study of people left behind or living in the margins that fuses gangster realism with social drama and leavens both with a dash of unexpected humor. A key …
China-linked APT group Winnti targets Japanese organizations since March 2024 2025-02-18 21:32 Security Affairs China-linked APT group Winnti targets Japanese organizations since March 2024 China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. …
Multiple Russian Actors Attacking Orgs To Hack Microsoft 365 Accounts via Device Code Authentication 2025-02-17 17:40 Cyber Security News Security researchers at Volexity have uncovered multiple Russian threat actors conducting sophisticated social engineering and spear-phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication exploitation. The attacks, observed …
Russian State Hackers Target Organizations With Device Code Phishing 2025-02-17 16:52 SecurityWeek A Russia-linked threat actor tracked as Storm-2372 has been targeting government and private organizations in a global campaign employing device code phishing for account compromise, Microsoft reports. The campaign has been ongoing since at least August …
Final Fantasy Female Characters Tier List 2025-02-15 22:49 Game Rant WARNING: The following tier list contains MAJOR SPOILERS for the Final Fantasy mainline series. The Final Fantasy franchise has plenty of powerful characters across its many entries. While male characters such as Cloud Strife and Clive Rosfield often …
If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish 2025-02-15 00:57 The Register Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their authentication tokens, granting access to emails, cloud …
Cybercrime evolving into national security threat: Google 2025-02-12 22:55 The Record Cybercrime continues to expand and evolve and has become a national security-level threat that is enabling more attacks by state-backed groups, Google warned in a new report. Released ahead of the Munich Security Conference, the Google Threat Intelligence …
Crimelords and spies for rogue states are working together, says Google 2025-02-12 16:05 The Register Google says the the world's lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity. In a fresh report published today, the company's Threat Intelligence Group listed a range of recommendations to …
HPE is notifying individuals affected by a December 2023 attack 2025-02-11 02:06 Security Affairs HPE is notifying individuals affected by a December 2023 attack Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors. Hewlett Packard Enterprise has started notifying …
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February] 2025-02-10 17:51 The Hacker News Feb 10, 2025Ravie LakshmananCybersecurity / Weekly Recap In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it …
HPE starts contacting victims of 2023 Russian cyberattack 2025-02-10 13:39 TechRadar Pro HPE begins notifying those affected by the 2023 Midnight Blizzard attack So far, at least a dozen people have received their breach notification letters We don't know exactly how many people were affected Hewlett Packard Enterprise (HPE) has started …
HPE Says Personal Information Stolen in 2023 Russian Hack 2025-02-10 12:26 SecurityWeek Hewlett Packard Enterprise has started notifying people that their personal information was likely compromised in a December 2023 hack attributed to a Russian threat actor. The incident was disclosed a year ago, when HPE notified the US Securities and …
Cybersecurity Weekly Brief: Latest on Attacks, Vulnerabilities, & Data Breaches 2025-02-09 20:53 Cyber Security News Welcome to this week’s Cybersecurity Newsletter, which provides the latest updates and key insights from the ever-evolving field of cybersecurity. In the current fast-paced digital landscape, it is essential to remain informed. Our objective is to deliver …
HPE Alerts Employees of Data Breach After Russian Cyberattack on Office 365 2025-02-08 05:57 Cyber Security News Hewlett Packard Enterprise (HPE) has disclosed a significant data breach involving its Office 365 email environment, attributed to the Russian state-sponsored hacking group known as Midnight Blizzard, also referred to as Cozy Bear or APT29. The breach, …
Clinical Characteristics and Optimization of Empirical Antimicrobial Therapy for Febrile Neutropenia in Patients With Hematologic Malignancies 2025-02-07 01:58 Dove Medical Press Introduction Due to the use of chemotherapy regimens, hematopoietic stem cell transplantations (HSCTs) and multiple comorbidities in hematological malignancy (HM) patients, the management of febrile neutropenia (FN) was particularly challenging.1 While the …
Abandoned S3 buckets could have caused a supply chain catastrophe 2025-02-06 14:27 IT Pro Abandoned cloud storage buckets were ripe to be taken over by cyber criminals and used to conduct a supply chain attack that would have dwarfed the 2020 SolarWinds incident, according to new research. A report from watchTowr Labs demonstrated how attackers …
Sophisticated Phishing Campaign Targets Ukraine’s Largest Bank 2025-02-06 00:18 Infosecurity Magazine A new phishing campaign orchestrated by the financially motivated threat group UAC-0006 has been discovered targeting customers of PrivatBank, Ukraine’s largest state-owned financial institution. Cybersecurity analysts from CloudSEK identified an ongoing …
Abandoned Amazon S3 Buckets Could Have Enabled Attacks Against Governments, Big Firms 2025-02-05 13:24 SecurityWeek Cybersecurity company WatchTowr has identified many abandoned Amazon S3 buckets that could have been leveraged by threat actors to deliver malware or backdoors to governments and big firms. WatchTowr’s researchers discovered roughly 150 instances of …
The Strongest Dragons (With Names) In DnD History 2025-02-01 10:43 TheGamer Dragons have always been at the heart of Dungeons & Dragons, embodying raw power, ancient wisdom, and fearsome majesty. Across the multiverse, some dragons stand out not just for their strength but for their profound influence on the worlds they …
Understanding the Dangers of Phishing in Banking: Tips for Prevention 2025-01-31 16:00 GlobalFinTechSeries The banking industry has long been a prime target for cybercriminals, with phishing attacks as one of the most prevalent and damaging threats. Despite the advanced safety protocols embedded within both internal systems and consumer-facing banking apps, it …
Google Warns AI Makes Chinese, Iranian, and North Korean Hackers More Efficient 2025-01-31 00:10 Breitbart Google released a report Wednesday revealing that hackers are using the company’s Gemini artificial intelligence to devise more effective cyberattacks. Hackers from China, Iran, and North Korea have been especially aggressive at taking advantage of Gemini’ …
Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations 2025-01-30 19:55 The Hacker News Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations. "Threat actors are …
Cyber Insights 2025: Malware Directions 2025-01-23 23:03 SecurityWeek Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we discuss what to expect …
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers 2025-01-23 21:55 The Hacker News Jan 23, 2025Ravie LakshmananMalware / Enterprise Security Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic. According to the Black Lotus Labs team at Lumen Technologies, the …
Breach Roundup: Researchers Find Flaws in Palo Alto Firewalls 2025-01-23 21:44 Bank Information Security - New Jersey Cybercrime , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Also: US Prosecutors Charge Suspected North Korean IT Worker Collaborators Anviksha More (AnvikshaMore) • January 23, 2025 Image: Shutterstock / ISMG Every …
Loudoun Prepares for Potential Coldest Day in Past Five Years 2025-01-20 12:09 Loudoun Now - Virginia With much of the nation preparing for the impacts of a polar vortex, weather forecasters say Loudoun County can expect to see temperatures as low as 2 degrees next week. According to data from wunderground.com, the last time Loudoun County was that frigid …
Advanced Persistent Threat (APT): Examples and Prevention 2025-01-17 19:52 Security Boulevard Advanced persistent threats (APTs) use sophisticated tools and techniques to breach systems and maintain access—all while remaining undetected. Unlike other cyberattacks, APTs work over an extended period, using more resources to achieve specific …
Russian Hackers Attacking WhatsApp Users With Malicious QR Codes 2025-01-17 04:47 Cyber Security News Russian state-sponsored hacking group Star Blizzard has shifted its tactics to exploit WhatsApp users through malicious QR codes. This marks a significant evolution in the group’s spear-phishing campaigns, which have historically targeted government …
Russia's Star Blizzard phishing crew caught targeting WhatsApp accounts 2025-01-16 20:41 The Register Star Blizzard, a prolific phishing crew backed by the Russian Federal Security Service (FSB), conducted a new campaign aiming to compromise WhatsApp accounts and gain access to their messages and data, according to Microsoft. The group's credential …
Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups 2025-01-16 19:55 SecurityWeek Microsoft researchers have uncovered Russian intelligence agencies using spear-phishing tactics to target victims with QR codes and WhatsApp group chats. Redmond’s threat intelligence team documented the discovery Thursday with a warning that the Russian …
Black Basta-Style Cyberattack Hits Inboxes with 1,165 Emails in 90 Minutes 2025-01-15 21:20 Hackread A recent cyberattack, mimicking the tactics of the notorious Black Basta ransomware group, targeted one of SlashNext’s clients. Within 90 minutes, 1,165 malicious emails bombarded 22 user inboxes, aiming to trick users into clicking on malicious links. …
New Codefinger Ransomware Exploits AWS to Encrypt S3 Buckets 2025-01-14 15:51 Hackread The Halcyon RISE Team has identified a new Codefinger ransomware campaign targeting Amazon S3 buckets. This attack leverages AWS’s Server-Side Encryption with Customer-Provided Keys (SSE-C) to encrypt data, demanding ransom payments for the symmetric AES- …
APT32 Hacker Group Attacking Cybersecurity Professionals Poisoning GitHub 2025-01-09 12:47 GBHackers The malicious Southeast Asian APT group known as OceanLotus (APT32) has been implicated in a sophisticated attack that compromises the privacy of cybersecurity professionals. A recent investigation by the ThreatBook Research and Response Team revealed that …
How Nation-State Actors and Organised Hackers Involving in Their Ways of Cyber Attacks 2025-01-08 20:29 GBHackers The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred. Both groups now leverage similar tactics, techniques, and procedures (TTP) in their cyber operations, resulting in a complex landscape where …
Chinese hackers behind Japanese government cyberattacks 2025-01-08 09:55 The Asahi Shimbun The National Police Agency on Jan. 8 announced that a Chinese hacker group known as “MirrorFace” has repeatedly conducted cyberattacks on Japanese government agencies and companies to steal information related to security and advanced technology. As a …
From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch 2025-01-06 15:53 The Hacker News In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024). …
'Iran's Ministry of Intelligence': A CIA analyst's look at Iranian intelligence 2025-01-04 04:13 The Jerusalem Post Iran has been in our eyes and ears throughout the last year. Its direct and open confrontation with Israel has marked a substantial change from the clandestine shadow war that has been ongoing since the establishment of the Islamic Republic in 1979. Steven …