The gang has been active since at least 2020 and has hit organizations from various industries. The attack vector most used by the ransomware operators is brute-force attempts on RDP endpoints.
It provides threat actors with an initial foothold that can be used to facilitate further compromise or other malware infections depending on how attackers choose to attempt to monetize their access.
According to a survey from the Neustar International Security Council (NISC) conducted in September 2021, 72% of study participants reported experiencing a DNS attack within the last 12 months.
While the TTPs of some threat actors remain consistent over time, relying heavily on social engineering to target organizations or individuals, others refresh their toolsets and extend their scope.
The names of several hundred vulnerable Afghans seeking refuge from the Taliban were recently leaked in emails sent in error by Immigration, Refugees and Citizenship Canada (IRCC), CBC News reported.
Sonrai plans to use new funding to accelerate research and development and expand sales and marketing globally for the company’s industry-leading cloud security platform.
According to reports in local media and posts on social networks, the cyberattack caused NIOPDC gas stations to show the words “cyebrattack 64411” on their screens earlier in the morning.
The OP code will be applicable to organizations that provide social media services, data brokerage, and any online platform that has had over 2,500,000 unique visitors from Australia in the past year.
This time, Nobelium is attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage various technologies for their customers.
SCUF Gaming customers were the victims of a web skimming attack. The attackers gained access to the company’s backend on February 3rd using login credentials stolen from a third-party vendor.