Recorded Futures Insikt Group identified that Vortax, a purported virtual meeting software, spreads three infostealersRhadamanthys, Stealc, and Atomic macOS Stealer (AMOS). This extensive campaign targets cryptocurrency users, exploiting macOS vulnerabilities. Operated by the threat actor markopolo,
Continue ReadingAuthor: Anowar Hossain Rana
RansomHub Draws in Affiliates with Multi-OS Capability and High Commission Rates
RansomHub, a new ransomware-as-a-service (RaaS) platform, emerged in February 2024, targeting Windows, Linux, and ESXi systems with malware written in Go and C++. Its high 90% commission rate attracts seasoned affiliates, leading to a surge in
Continue ReadingWhat Is Open Source Intelligence (OSINT)?
Open Source Intelligence (OSINT) is the practice of gathering, analyzing, and disseminating information from publicly available sources to address specific intelligence requirements.Of all the threat intelligence subtypes, open source intelligence (OSINT) is perhaps the most widely
Continue ReadingChinese State-Sponsored RedJuliett Intensifies Taiwanese Cyber Espionage via Network Perimeter Exploitation
From November 2023 to April 2024, Insikt Group identified cyber-espionage activities conducted by RedJuliett, a likely Chinese state-sponsored group, primarily targeting government, academic, technology, and diplomatic organizations in Taiwan. RedJuliett exploited known vulnerabilities in network edge
Continue ReadingRussia-Linked CopyCop Expands to Cover US Elections, Target Political Leaders
Insikt Group's report reveals that CopyCop, a likely Russian government-aligned influence network, has shifted its focus to the 2024 US elections. Using AI and inauthentic websites, CopyCop creates and spreads political content. The network registered 120
Continue Reading5 Threat Intelligence Solution Use Cases
Cyber threats are becoming increasingly sophisticated and frequent, making it imperative for organizations to leverage cyber threat intelligence to stay ahead of potential cyber attacks. Organizations across all industries are recognizing the importance of implementing robust
Continue ReadingSombres Influences: Russian and Iranian Influence Networks Target French Elections
SummaryInsikt Group's research assesses that Russian and Iranian influence networks are targeting the upcoming French elections, and so far, they are having a negligible impact. The Russia-linked Doppelgnger network uses cloned websites and social media bots
Continue ReadingCaught in the Net: Using Infostealer Logs to Unmask CSAM Consumers
SummaryIn this proof-of-concept report, Recorded Future's Identity Intelligence analyzed infostealer malware data to identify consumers of child sexual abuse material (CSAM). Approximately 3,300 unique users were found with accounts on known CSAM sources. A notable 4.2%
Continue ReadingYokogawa FAST/TOOLS and CI Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: FAST/TOOLS and CI Server Vulnerabilities: Cross-site Scripting, Empty Password in Configuration File 2. RISK EVALUATION Successful exploitation of these vulnerabilities
Continue ReadingProgress Software Releases Security Bulletin for MOVEit Transfer
Progress Software released a security bulletin to address a vulnerability in MOVEit Transfer. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the
Continue Reading