March 31, 2025 Cyber Threat Intelligence Briefing
March 31, 2025 Cyber Threat Intelligence Briefing.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
March 24, 2025 Cyber Threat Intelligence Briefing
March 24, 2025 Cyber Threat Intelligence Briefing This week’s briefing covers: KTA134 (BLACKBASTA) Chats Suggests Help From Russian Officials Upon review of leaked chat logs, it appears that KTA248 (Oleg Nefedov, GG, Tramp, Kurva) was able to evade trial by eliciting the help of Russian government officials. Supply Chain Attack Leaks Secrets from GitHub A supply chain attack on the popular GitHub Action tj-actions/changed-files caused many repositories to leak their secrets over the weekend.
Cybersecurity Due Diligence: A Practical Guide
A merger or acquisition is one of the most critical steps a company can take. However, alongside the opportunity it presents for business growth, it also poses significant security threats. A target company—or even its supply chain—may bring with it a host of hidden security risks.
March 17, 2025 Cyber Threat Intelligence Briefing
This week’s briefing covers: KTA080 (CLOP) Update CL0P has recently published files from victim organizations that were last revealed from the E-H listing around February 24, 2025. Some victim organizations were removed from the E-H listing as well as the H-W listing, likely due to negotiations with the threat actor group to refrain from sensitive data to be published. Additional victim companies have also been published outside of the E-H listing.
Convergence of Cyber and Physical Security: Geolocation Data Hacks and Executive Protection Threat Implications
In today’s interconnected world, the convergence of cyber and physical security has become increasingly critical, particularly for high-profile individuals. The recent breach of Gravy Analytics’ geolocation data highlights the emerging threat of geolocation vulnerability and its potential impact on physical security.
Enabling an Investor Services Firm to Prepare for DORA Compliance
A major investor services firm recognized that it required expert support to meet the deadline for complying with the Digital Operational Resilience Act (DORA), the EU regulation that aims to improve the cybersecurity and operational resilience of financial services firms.
March 10, 2025 Cyber Threat Intelligence Briefing
March 10, 2025 Cyber Threat Intelligence Briefing This week’s briefing covers: BLACK BASTA Affiliates Linked to CACTUS Ransomware Researchers have linked CACTUS ransomware tactics to former affiliates of BLACKBASTA, noting the use of similar tools and techniques. CACTUS employs the BackConnect (BC) module for persistent control over infected systems, allowing for data theft and remote command execution.
March 03, 2025 Cyber Threat Intelligence Briefing
This week’s briefing covers: KTA080 (CL0P) Update KTA080 has released the names of the previously redacted victim organizations ranging from E-H. Additionally, KTA080 has identified 183 victims’ organization names broadly covering H-W. KTA374 (Salt Typhoon) Telecoms Targeting Update Cisco Talos has released further information on the targeting of telecoms organizations identified in late 2024. This information includes the high level of living-off-the-land techniques used by the threat actor.