Iranian cyberspies target thousands of organizations with password spray attacks

An Iranian state-operated cyberespionage group has launched password spray attacks against thousands of organizations this year in an attempt to establish persistence into their environments, move laterally, and collect useful intelligence. The targeted organizations were primarily from the satellite, defense, and pharmaceuticals sectors and spanned different geographies. Microsoft tracks the group as Peach Sandstorm, but … Read more

Capslock: What is your code really capable of?

Jess McClintock and John Dethridge, Google Open Source Security Team, and Damien Miller, Enterprise Infrastructure Protection Team When you import a third party library, do you review every line of code? Most software packages depend on external libraries, trusting that those packages aren’t doing anything unexpected. If that trust is violated, the consequences can be … Read more

Trend Micro Protects Kingston University During Peak Clearing Period

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today revealed that it is supplying managed detection and response (MDR) capabilities to Kingston University free of charge to mitigate the threat of serious cyber disruption during their busiest time of year for student recruitment. “University clearing is like the run up to Christmas for retailers. And in the same way, threat … Read more

United Cloud, the Fastest Growing Innovation Centre in SEE Europe, Selects Verimatrix XTD for Mobile App Protection

Yesterday, Verimatrix announced that United Cloud will deploy Verimatrix Extended Threat Defence (XTD) technologies to further strengthen protections for its flagship TV 2.0 platform widely popular under the brand name EON TV. United Cloud as an innovation centre that develops world-class products and solutions for the telecommunications and media businesses, harnessing Verimatrix cybersecurity solutions to protect … Read more

Hackers behind MGM cyberattack thrash the casino’s incident response

In an interesting turn of events, ransomware group ALPHV (aka BlackCat) released a statement on their leak site, thrashing both MGM Resorts International and the cybersecurity firm VX undergrounds for mishandling the ongoing cyberattack on MGM. In a long message intended “to set the record straight,” ALPHV detailed what has happened in the ransomware seizure … Read more

MGM and Caesars Casinos Suffer Massive Cyberattack

MGM and Caesars Casinos Suffer Massive Cyberattack

Two of Las Vegas’ iconic casinos, the MGM and Caesars hotel, have fallen victim to a major cyberattack. Over the course of this week, it has been revealed that computer systems had been left severely disrupted, causing widespread panic throughout the hospitality and gaming industry. Reports claim casino guests and staff have had difficulties accessing … Read more

Armis forges ahead into Cyber Exposure Management as it readies for IPO

Armis forges ahead into Cyber Exposure Management as it readies for IPO

During a live-streamed even this week, Armis co-founders Yevgeny Dibrov and Nadir Izrael laid out the company’s vision for the future, which is centred around its newly announced AI-powered cyber exposure management platform dubbed Centrix.   “In a perimeter-less world, where assets are digitally connected, traditional cybersecurity boundaries no longer exist. Legacy on-premises systems and … Read more

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

Since February 2023, Microsoft has observed password spray activity against thousands of organizations carried out  by an actor we track as Peach Sandstorm (HOLMIUM). Peach Sandstorm is an Iranian nation-state threat actor who has recently pursued organizations in the satellite, defense, and pharmaceutical sectors around the globe. Based upon the profile of victim organizations targeted … Read more