A Blackberry report unveiled that state-backed actors often collaborate with mercenary APT groups to excel in attacks. Simultaneously, it helps state-backed actors lie low with their game plan.

After studying millions of email-based attacks, researchers note a unique trend in malware-stealing attempts and disclose details about the success recipe of a top malware used by them.

Singapore has released guidelines on heightened risks businesses in the financial services industry (FSI) now face as remote work practices take hold and how they can mitigate such risks.

Dragos uncovers a total of 15 threat groups targeting industrial organizations, with four new groups joining in 2020. The new groups are efficient enough to sabotage control systems.

A threat actor stole the personally identifiable information of recipients of the US Congressional Medal of Honor and used their personal data to purchase goods from American military exchanges.

Steganography is used to hide code, images, and video content within other content of file formats, and in this case, the researchers have found BMP files that contain malicious ObliqueRAT payloads.

Infatica uses the browser of anyone who has an extension injected with its code to route web traffic for the company’s customers, including marketers or anyone able to afford its subscription charges.

Google this week announced the release of patches for 37 vulnerabilities as part of the Android security updates for March 2021, including a fix for a critical flaw in the System component.

In an update on Monday, Oxfam Australia said it had found “supporter’s information on one of its databases was unlawfully accessed by an external party on 20 January 2021”.

Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics, and procedures.