For years, hundreds of Twitter, Facebook and Instagram accounts engaged in manipulation and spam that promoted pro-Western narratives, a new report from Graphika and the Stanford Internet Observatory (SIO) reveals.
Iranian Government Hackers Exploit Log4Shell in SysAid Apps for Initial Access
A threat group linked to the Iranian government appears to be the first to exploit the Log4Shell vulnerability in SysAid applications for initial access to the targeted organizations.
Leaked Docs Show Spyware Firm Offering iOS, Android Hacking Services for $8 Million
Leaked documents appear to show a little-known spyware company offering services that include Android and iOS device exploits for €8 million (roughly $8 million).
BalkanID Adds $2.3M to Seed Funding Round
BalkanID, a Texas startup building technology in the Identity Governance and Administration (IGA) space, has added $2.3 million to its seed financing round, bringing the total raised to $8.1 million.
Microsoft Details New Post-Compromise Malware Used by Russian Cyberspies
Microsoft this week published technical details on ‘MagicWeb’, a new post-exploitation tool used by Russia-linked cyberespionage group APT29.
Plex Confirms Database Breach, Data Theft
Popular streaming media platform Plex is scrambling to reset user passwords after a database hack that included the theft of emails, usernames, and encrypted passwords.
Security Pros Believe Cybersecurity Now Aligned With Cyberwar
More than three-quarters of security professionals in large organizations believe the world is now in a state of perpetual cyberwar – and 82% consider that geopolitics and cybersecurity are fundamentally linked.
Lloyd’s of London Introduces New War Exclusion Insurance Clauses
Lloyd’s of London, which describes itself as ‘the world’s leading insurance and reinsurance marketplace’, has clarified its position on war exclusions and cyberattack cover. It will require its underwriters to include such an exclusion, based on its definition of cyberwar, in future cyber insurance policies.
FBI Warns of Proxies and Configurations Used in Credential Stuffing Attacks
The Federal Bureau of Investigation (FBI) has raised an alarm about cybercriminals using proxies and configurations to hide and automate credential stuffing attacks against companies in the United States.
China’s Winnti Group Hacked at Least 13 Organizations in 2021: Security Firm
Chinese state-sponsored threat group Winnti compromised at least 13 organizations globally in 2021, spanning multiple sectors, cybersecurity firm Group-IB says.


