Volt Typhoon’s tactics involve extensive pre-compromise reconnaissance, targeting of public-facing network appliances, exploitation of vulnerabilities, and use of living off the land (LOTL) techniques to maintain long-term undiscovered persistence.
The company specializes in identity and access management for enterprise IoT ecosystems, offering solutions to reduce human error, accelerate incident response, and establish trust in connected environments.
Troll Stealer’s similarities to known malware families linked to Kimsuky, such as AppleSeed and AlphaSeed, raise concerns about the group’s offensive cyber operations and its targeting of South Korean entities.
The HijackLoader sample exhibits complex multi-stage behavior, including process hollowing, transacted section hollowing, and user mode hook bypass using Heaven’s Gate, to inject and execute the final payload while evading detection.
The municipality of Korneuburg in Austria was hit by a ransomware attack, leading to data encryption and the cancellation of funerals due to the inability to issue death certificates.
Cybercriminals are using legitimate services like googleapis.com to fingerprint users and redirect them to specific types of scams based on their analysis of the user’s IP address, machine type, and VPN usage.
The funding will be used to accelerate customer success, support, product innovation, and growth, as NinjaOne aims to empower IT teams with visibility, security, and control over endpoints.
The Chinese threat group Volt Typhoon, also known as Bronze Silhouette, attempted to revive a botnet used in attacks on critical infrastructure in the U.S. after the FBI dismantled it.
The vulnerability, tracked as CVE-2023-4762, can allow a remote attacker to execute arbitrary code via a crafted HTML page, and has been exploited by threat actors to install spyware on both Apple and Android devices.
The Danish data protection authority has issued an injunction regarding the transfer of student data to Google through the use of Chromebooks and Google Workspace services in schools.