Explore

Rapid Read Rapid Read
Cyber Espionage Operation Targets Stock Exchange Executive's Outlook Mailbox

Cyber Espionage Operation Targets Stock Exchange Executive's Outlook Mailbox

A sophisticated cyber espionage operation, known as Operation Aspides, targeted a senior executive at a major global stock exchange, compromising the executive's Outlook mailbox for approximately 150 days. The attackers used advanced techniques, including malware disguised as Adobe and OneDrive processes, and exfiltrated data via Dropbox and OneDrive Personal in small, incremental batches. The operation was discovered by Symantec and Carbon Black, who published technical indicators and a detailed timeline. The breach exposed sensitive information, including internal deliberations and potentially market-moving events. Attribution remains unconfirmed, but the operation's discipline suggests a state-linked actor.
Trendline Trendline
Hackers Infiltrate Global Stock Exchange, Compromise Executive Email for Espionage

Hackers Infiltrate Global Stock Exchange, Compromise Executive Email for Espionage

Hackers Infiltrate Global Stock Exchange, Compromise Executive Email for Espionage
Trendline Trendline
Cyber Espionage Targets Stock Exchange Executive's Email in Prolonged Attack

Cyber Espionage Targets Stock Exchange Executive's Email in Prolonged Attack

Cyber Espionage Targets Stock Exchange Executive's Email in Prolonged Attack
FactFable FactFable
What Data security: detecting threats early Actually Looks Like in a Real Incident

What Data security: detecting threats early Actually Looks Like in a Real Incident

A minute-by-minute look inside a real cyber incident reveals how security teams move from a single alert to containing a major threat before it's too late.
Rapid Read Rapid Read
Chinese Cybercrime Group TA4922 Expands Campaigns Targeting Global Organizations

Chinese Cybercrime Group TA4922 Expands Campaigns Targeting Global Organizations

A Chinese-speaking cybercrime group known as TA4922 has been intensifying its activities, targeting organizations across various regions including Japan, the UK, Germany, and South Africa. According to Proofpoint, the group employs social engineering tactics and distributes multiple malware families, focusing on credential phishing and fraud schemes. TA4922's campaigns are financially motivated, aiming to gain remote access to victim organizations for data theft and fraud. The group uses HR, payroll tax, and invoicing themes to lure victims into downloading malicious payloads or sharing credentials. Recently, TA4922 has expanded its operations to include European organizations, utilizing tools like RomulusLoader and SilentRunLoader to exfiltrate sensitive information.
FactFable FactFable
Why Data loss prevention for a federal agency Matters More in Cloud Environments

Why Data loss prevention for a federal agency Matters More in Cloud Environments

As U.S. federal agencies move to the cloud, the risk of data loss increases. Here's why data loss prevention (DLP) is more critical than ever.
Trendline Trendline
Ultrahuman Data Breach Exposes Wellness Data of Customers

Ultrahuman Data Breach Exposes Wellness Data of Customers

Ultrahuman Data Breach Exposes Wellness Data of Customers
Trendline Trendline
Security Experts Urge Immediate Action on Post-Quantum Cryptography Transition

Security Experts Urge Immediate Action on Post-Quantum Cryptography Transition

Security Experts Urge Immediate Action on Post-Quantum Cryptography Transition
Rapid Read Rapid Read
Five Eyes Intelligence Agencies Warn of Chinese Espionage via LinkedIn

Five Eyes Intelligence Agencies Warn of Chinese Espionage via LinkedIn

The Five Eyes intelligence alliance, comprising the United States, United Kingdom, Canada, Australia, and New Zealand, has issued a joint warning about Chinese espionage activities targeting professional networking sites like LinkedIn. According to the bulletin, Chinese intelligence operatives are posing as consultants and HR professionals to recruit individuals with access to sensitive information. The aim is to gain military, political, and economic intelligence that could provide China with strategic advantages. The warning highlights cases where individuals have been prosecuted for sharing sensitive information, emphasizing the risks posed to national security.
Trendline Trendline
Carnival Corporation Faces Fallout from Data Breach Affecting Nearly 6 Million Customers

Carnival Corporation Faces Fallout from Data Breach Affecting Nearly 6 Million Customers

Carnival Corporation Faces Fallout from Data Breach Affecting Nearly 6 Million Customers
Rapid Read Rapid Read
FSB-Linked Gamaredon Group Uses Windows Data Streams for Stealthy Cyber Espionage in Ukraine

FSB-Linked Gamaredon Group Uses Windows Data Streams for Stealthy Cyber Espionage in Ukraine

A Russian state-affiliated cyber espionage group, Gamaredon, has been identified using a sophisticated worm to infiltrate Ukrainian networks. This worm exploits a lesser-known Windows feature, NTFS Alternate Data Streams, to conceal its presence and spread across systems without leaving a trace. According to Sekoia, a cybersecurity firm, the worm is part of a campaign that targets Ukrainian government, military, and critical infrastructure. The campaign, active since January 2026, employs fileless VBScript to enhance its stealth capabilities. The initial infection vector involves a booby-trapped xHTML file that delivers a malicious RAR archive exploiting a WinRAR vulnerability. This vulnerability, CVE-2025-8088, allows the worm to plant hidden files that execute upon system login, maintaining persistence and enabling further payload delivery.
Rapid Read Rapid Read
Amtrak Data Breach Exposes Millions of Customer Records, Raising Privacy Concerns

Amtrak Data Breach Exposes Millions of Customer Records, Raising Privacy Concerns

A significant data breach involving Amtrak has surfaced, potentially affecting millions of customer accounts. The breach was reported on Have I Been Pwned, a site that tracks data breaches, indicating that customer information may be circulating online. The exposed data includes email addresses, names, physical addresses, and customer support records. The breach is linked to the hacking group ShinyHunters, known for targeting cloud-based customer systems like Salesforce. These systems store large amounts of data, making them attractive targets for attackers. The breach highlights vulnerabilities in cloud-based customer relationship management environments, where attackers exploit weak access controls and misconfigured settings to extract data.