Attacks from the Iranian Phosphorus APT (aka Charming Kitten, APT35) are well documented. Now a new set of tools incorporated into the group’s arsenal, and a connection with the Memento ransomware, have been discovered.
Critical Flaw Impacts WordPress Plugin With 1 Million Installations
Over one million WordPress websites might have been impacted by a critical vulnerability in the Essential Addons for Elementor plugin.
Essential Addons for Elementor provides WordPress site admins with more than 80 elements and extensions to help them easily design WordPress pages and posts.
Cybersecurity M&A Roundup: 31 Deals Announced in January 2022

More than 30 cybersecurity-related mergers and acquisitions were announced in January 2022.
CISA Adds Recent iOS, SonicWall Vulnerabilities to ‘Must Patch’ List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week announced the addition of eight more vulnerabilities to the list of security flaws known to be exploited in malicious attacks.
‘White Tur’ Hacking Group Borrows Techniques From Multiple APTs
A newly detailed threat actor has been observed employing various techniques borrowed from multiple advanced persistent threat (APT) actors, PwC’s cyber threat intelligence team reports.
Cyber Insights 2022: Improving Criminal Sophistication
OT Data Stolen by Ransomware Gangs Can Facilitate Cyber-Physical Attacks
Many of the ransomware attacks on industrial and critical infrastructure organizations result in the exposure of operational technology (OT) data that could be useful to threat actors, including to conduct cyber-physical attacks, according to Mandiant.
Cyberattacks Increasingly Hobble Pandemic-Weary US Schools
For teachers at a middle school in New Mexico’s largest city, the first inkling of a widespread tech problem came during an early morning staff call.
North Korean Hackers Abuse Windows Update Client in Attacks on Defense Industry
The North Korean threat group Lazarus was observed abusing the Windows Update client for the execution of malicious code during a campaign this month, Malwarebytes reports.
More Russian Attacks Against Ukraine Come to Light
The WhisperGate attack is not the only operation believed to have been conducted by Russia-linked threat actors against Ukraine in recent months. Symantec on Monday disclosed the details of an espionage operation that it has tied to a known group.













