Lmst

New.

Group-IB: Shaping Shadows: Breaking Down New ShadowSyndicate Methods and Infrastructure https://www.group-ib.com/blog/new-shadowsyndicate-infrastructure/ #threatintel #threatintelligence

Huntress: They Got In Through SonicWall. Then They Tried to Kill Every Security Tool https://www.huntress.com/blog/encase-byovd-edr-killer @huntress #SonicWall #cyberattack #ransomware

Recorded Future: Rublevka Team: Anatomy of a Russian Crypto Drainer Operation https://www.recordedfuture.com/research/rublevka-team-anatomy-russian-crypto-drainer-operation #threatresearch #infosec

📢🔍⚠️Chinese-linked Mustang Panda hackers used fake diplomatic briefings to target officials with spyware.

Read: https://hackread.com/chinese-mustang-panda-briefing-spy-diplomat/

#CyberSecurity #China #MustangPanda #CyberAttack #Phishing

Danger Bulletin: Cyberattacks Against Ukraine and EU Countries Using CVE-2026-21509 Exploit

UAC-0001 (APT28) has launched cyberattacks against Ukraine and EU countries exploiting the CVE-2026-21509 vulnerability in Microsoft Office products. The threat actor created malicious DOC files targeting government bodies and EU organizations. The attack chain involves WebDAV connections, COM hijacking, and the use of the COVENANT framework, which utilizes Filen cloud storage for command and control. The campaign began shortly after the vulnerability's disclosure, with multiple documents discovered containing similar exploits. The attackers employ sophisticated techniques to evade detection and maintain persistence, including disguising malicious files as legitimate Windows components and creating scheduled tasks.

Pulse ID: 6983549d1f4ab8a67c29cd5b
Pulse Link: https://otx.alienvault.com/pulse/6983549d1f4ab8a67c29cd5b
Pulse Author: AlienVault
Created: 2026-02-04 14:15:57

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#APT28 #Cloud #CyberAttack #CyberAttacks #CyberSecurity #EU #Government #InfoSec #Microsoft #MicrosoftOffice #OTX #Office #OpenThreatExchange #RAT #UK #Ukr #Ukraine #Vulnerability #Windows #bot #AlienVault

Infectious disease data safe from cyberattack, Ontario public health unit says
Lakelands Public Health says systems that houses infectious disease and other sensitive data are safe after a cyberattack late last month.
#cybersecurity #data #health #Ontario #Canada #Cyberattack
https://globalnews.ca/news/11650844/lakelands-public-health-cyberattack/

Threat actor "Dripper" is selling a database from Comunidad Feliz on a hacking forum.

https://www.security-chu.com/2026/02/Dripper-actor-malicioso-vende-datos-de-Comunidad-Feliz.html

#Chile #databreach #cyberattack

Ransomware attack on the mining company http://pucobre.cl. In the samples, the attackers expose file samples such as forms, contract annexes, plaintext passwords, job interviews, and identity cards.

No one from the mining company has given a statement about this ransomware incident.

https://www.security-chu.com/2026/02/Empresa-minera-Punta-Cobre-afectado-con-ransomware.html

#Chile #ransomware #cyberattack #cybersecurity #cl #databreach #mining

📢⚠️ Operation Neusploit is an #APT28-linked campaign abusing a critical but patched Microsoft Office OLE flaw to deliver malware across Ukraine, Slovakia, and Romania.

Read: https://hackread.com/op-neusploit-russia-apt28-microsoft-office-malware/

#Neusploit #CyberAttack #Microsoft #CyberSecurity #Russia

📰 Ransomware Attack Cripples City of New Britain, CT, Forcing Manual Operations

🏛️ Ransomware attack cripples the city of New Britain, CT. Network systems are down, forcing departments to use pen and paper. Federal authorities are investigating the major disruption to public services. #Ransomware #CyberAttack #GovTech

🔗 https://cyber.netsecops.io/articles/new-britain-connecticut-disrupted-by-ransomware-attack/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

📰 Qilin Ransomware Claims Breach of Tulsa International Airport, Leaks Data

✈️ Ransomware attack on critical infrastructure: The Qilin ransomware gang claims to have breached Tulsa International Airport, leaking sensitive financial and employee data. Airport operations are currently unaffected. #Ransomware #Qilin #CyberAttack

🔗 https://cyber.netsecops.io/articles/qilin-ransomware-claims-attack-on-tulsa-international-airport/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

🚨 BREAKING: Hacker attack disrupts Uffizi systems

A cyberattack hit the #Uffizi Galleries’ administrative services, blocking internal systems while the museum remained open to visitors.

Technical teams are investigating and restoring affected services.

#ransomNews #cyberattack #italy

BREAKING: Hacker attack disrupts Uffizi systems A cyberattack hit the #Uffizi Galleries’ administrative services, blocking internal systems while the museum remained open to visitors. Technical teams are investigating and restoring affected services. #ransomNews #cyberattack #italy

Ransomware attack in copper mining Chile

https://www.security-chu.com/2026/02/Empresa-minera-Punta-Cobre-afectado-con-ransomware.html

#ransomware #Chile #cybersecurity #ciberseguridad #cyberattack

[Notepad++가 국가 지원 해킹 조직에 의해 공급망 하이재킹, 중국 배후 의심

Notepad++가 2025년 6월부터 12월까지 공급망 하이재킹 공격을 당했으며, 중국 국가 지원 해킹 그룹의 소행으로 의심된다. 공격은 공유 호스팅 인프라를 통해 특정 타깃 사용자에게만 악성 업데이트가 전달되었으며, Notepad++는 보안 수준이 높은 새 호스팅 제공업체로 이전하고 업데이터를 강화했다.

https://news.hada.io/topic?id=26348

#cyberattack #supplychain #notepadplusplus #security #chinesehackers

#CyberAttack

Client Info