Threat actors affiliated with the Chinese government have compromised telecom provider networks to conduct a cyber espionage campaign. Network defenders should read new guidance from the #FBI and our partners to harden their systems against this activity: https://www.ic3.gov/CSA/2024/241016-2.pdf
The Russian APT group #Turla has gained access to the Pakistani APT group #Sidecopy + #TransparentTribe (Storm-0156)’s C2 server and used it to attack operators in Afghanistan and Pakistan.
1. https://blog.lumen.com/snowblind-the-invisible-hand-of-secret-blizzard/
2. https://www.microsoft.com/en-us/security/blog/2024/12/04/frequent-freeloader-part-i-secret-blizzard-compromising-storm-0156-infrastructure-for-espionage/

IoC: https://github.com/blacklotuslabs/IOCs/blob/main/Secret_Blizzard_IoCs.txt
🚨Cyberattack Alert ‼️
🇬🇧- Deloitte UK
Brain Cipher ransomware group claims to have breached Deloitte UK.
Allegedly, more than 1 TB of data were exfiltrated.
Ransom deadline: 15th Dec 24.
📧 Kimsuky, a North Korea-aligned #hacking group, now uses Russian email services like Mail[.]ru to disguise phishing attacks aimed at stealing credentials.
Discover how these campaigns operate:
#infosec #cybersecurity