Beyond the Headlines: Elevating Threat Intelligence Sharing to Fight Cyber Threats
The need for a collective defense strategy is more critical than ever. The intricate nature of modern attacks calls for a unified approach, one that leverages shared cyber threat intelligence.…
Unveiling the GRU’s Cyber Playbook – Mandiant
In this blog post, we delve into a comprehensive analysis of a recent article published by Mandiant, a part of Google Cloud, titled “The GRU’s Disruptive Playbook”. The article, authored…
US Navy Personnel Arrested for Espionage Activities Linked to China
In a significant security breach, two US Navy personnel, Jinchao Wei and Wenheng Zhao, were arrested for transmitting sensitive military information to the People’s Republic of China (PRC). The incidents,…
PhishForce – Salesforce Zero-Day Exploitation
Introduction A recent zero-day vulnerability in Salesforce’s software was exploited by threat actors to phish Facebook credentials. This incident was first reported by Guardio Labs, who detected a sophisticated email…
Unauthorised Access to Cross-Tenant Applications in Microsoft Power Platform
Introduction Security researchers at Tenable discovered a significant vulnerability in Microsoft’s Power Platform. This vulnerability allowed unauthorized access to cross-tenant applications and sensitive data, including but not limited to authentication…
Critical Vulnerability CVE-2023-39143 in PaperCut Poses RCE Threat to Unpatched Servers
The recently discovered critical security vulnerability in PaperCut’s NG/MF print management software, tracked as CVE-2023-39143 (NVD), has brought attention to the potential risks posed by unpatched Windows servers. This flaw…
Deceptive Python Package ‘VMConnect’ Targets VMware vSphere Users
A recent cybersecurity incident has brought to light a malicious Python package on the Python Package Index (PyPI), posing as the VMware vSphere connector module ‘vConnector’. This package, named ‘VMConnect’,…
Mid-2023 Cyber Threat Briefing for UK SME Sector
As we move through 2023, the cyber threat landscape continues to evolve, yet some things remain the same. The UK SME sector, like many others around the globe, continues to…
Threat Actor Profile: Volt Typhoon
In the ever-evolving landscape of cybersecurity in 2023, the activities of state-sponsored Advanced Persistent Threat (APT) groups have become a significant area of focus. Among these, the Chinese APT group…
The Rising Threat of Abyss Locker Ransomware to VMware’s ESXi Servers
A long overdue update to the Abyss Locker is shared here. A new emerging threat, Abyss Locker ransomware has been making headlines for its targeted attacks on VMware’s ESXi virtualised…