Leverage unparalleled research to make smarter, faster business decisions

New Intrusion Campaign Targeting Users of Popular Business Communication Software

Investigations of Lazarus Group Indicators of Compromise Reveals Suspicious Traffic Involving State Government IP Addresses

Attackers Exploit Windows Vulnerability to Deliver Nokoyawa Ransomware

On April 11, security researchers announced the discovery of CVE-2023-28252, a zero-day vulnerability under active exploitation by a sophisticated cybercriminal group. The vulnerability affects all versions of Windows and could therefore be quite widespread; however, a patch is available.

New APT29 – Attributed Phishing Activity Targets Diplomatic Services

On April 13, Poland’s Computer Emergency Response Team (CERT.PL) and Military Counterintelligence Service released a group of joint advisories regarding newly-observed espionage activity attributed to a Russia-linked threat actor group.

Cyber Risk Intelligence: Cold Storage and Logistics Disruption

On April 26, reports of a service disruption affecting a major cold storage and logistics firm surfaced.

LockBit Group Claims Ransomware Attack Against Southeast Asian Bank

On May 8, the LockBit ransomware group claimed an attack against a major state-owned bank in Southeast Asia.

Ransomware Affiliates Exploit Recently-Discovered PaperCut Vulnerability

On April 26, security researchers announced the discovery of CVE-2023-27350 and CVE-2023-27351, vulnerabilities in the PaperCut print management software solution.

ESXiArgs Ransomware Campaign Targets VMWare ESXi Vulnerability

Ransomware Attack Against U.S. Public Housing Authority Linked to Previous Attacks

Iran-Attributed Exploitation of Log4Shell Vulnerability

Cyber Risk Intelligence: LockBit 3.0 Ransomware Group Claims Defense Contractor Breach

Investigation into Breached Australian Organizations

In mid-March, two Australian financial and professional services firms reported data breaches. These were followed by a series of cyber incidents affecting large Australian firms throughout 2022 and early 2023. As a result, some reporting on the incidents presented them as indications of systematic shortcomings in the country’s cyber defenses.