A group of previously unknown hackers has claimed responsibility for a cyberattack on the Russian satellite communications provider Dozor-Teleport, which is used by energy companies and the country’s defense and security services.
The infection chain started with a malicious ad for the WinSCP application displayed in search engine results. Users who clicked on the ad were redirected to a cloned download webpage where they unknowingly downloaded a malware-infected ISO file.
National Hazard Agency, a sub-group of the LockBit ransomware gang, posted the name of Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest chip manufacturer, on LockBit’s dark web leak site on June 29, 2023.
One telemedicine scheme involved telemarketers targeting elderly and disabled patients, resulting in $1.9 billion in allegedly fraudulent claims to Medicare and other government insurers.
“This is an active campaign in which the attacker leverages SSH for remote access, running malicious scripts that stealthily enlist victim servers into a P2P proxy network, such as Peer2Profit or Honeygain,” Akamai researcher Allen West said.
The exploitation of remote services like VPNs and RDP was the most commonly seen attack technique last year, according to the Annual Cyber-Threat Report 2023 from ReliaQuest.
By sharing this list, MITRE provides the broader community with valuable information regarding the most critical software security weaknesses that require immediate attention.
The primary cause of cyberattacks against Japanese computer systems is the strength and quality of the country’s manufacturing base. The size of Japanese manufacturers makes them an attractive target for criminal extortion.
The Iranian state-sponsored group dubbed MuddyWater has been linked to a previously unseen command-and-control (C2) framework called PhonyC2, which the actor has used since 2021.
The volume of mobile malware, phishing sites dedicated to mobiles, and mobile vulnerabilities increased significantly in 2022, according to the Global Mobile Threat Report 2023 from Zimperium.