In a recent cybersecurity alert, the infamous Iranian hacking group APT33 (also known as Peach Sandstorm and Refined Kitten) has unleashed a new form of malware named "Tickler" to compromise the networks of various organizations across critical sectors in the United States and the United Arab Emirates. This latest campaign, observed between April and July 2024, has primarily targeted government, defense, satellite, and oil and gas industries.

Spyware is a type of malware that can be installed on your device without your knowledge. The main goal of spyware is to spy on you and gather your private information, like passwords or credit card information. Despite spyware being elusive and undetectable at times, you can tell if there is spyware on your laptop by recognizing common signs. Some of these signs include unwanted pop-up ads, slower performance, shorter battery life and redirections on your browser.

The events of Friday the 19th 2024 had a profound impact on organizations around the globe. I suppose a widespread global IT outage has a way of clarifying the mind—and IT leaders are recognizing that resilience is crucial for maintaining operations for their consumers, customers, staff, partners, and shareholders. But much of the post-mortem analysis seems to be misunderstanding key lessons from the outage.

There are several different types of spyware, such as adware, stalkerware and keyloggers. No matter what kind of spyware is installed on your device, it is frightening to have your privacy invaded and sensitive information stolen by cybercriminals. Read more to learn what spyware is, the different types of spyware and how to protect your devices from spyware.

BlueVoyant’s Threat Fusion Cell (TFC) uncovered a focused campaign targeting the advanced manufacturing sector. This campaign aims to steal Microsoft credentials, by spoofing Microsoft’s login page, to phish for potentially compromising sensitive information.

Xeon Sender targets cloud APIs, Cisco Talos reveals UAT-5394 infrastructure, and attackers leverage public.env files to extort victims.

You can tell if you have spyware on your device by looking for signs such as your device’s battery draining quickly, overheating, increased pop-ups or data usage and unfamiliar apps. Spyware is a kind of malware that, once unknowingly installed on your device, allows cybercriminals to spy on you and steal your private information. This information could be used by cybercriminals or sold on the dark web to commit fraud or identity theft.

Thirty-four percent of state and local government entities were hit by ransomware in 2024, a new report from Sophos has found. While this is a decrease compared to the attack rate in 2023, the mean cost of recovery for these entities has more than doubled to $2.83 million. Seventy-two percent of ransom demands made to state and local government organizations in 2024 were for $1 million or more, with 37% of demands for $5 million or more.

Recently, a client enlisted the support of Trustwave to investigate an unauthorized access incident within its internal cloud-based environment, leading to the deployment of Mallox ransomware by threat actors to its server. A misconfiguration allowed unauthorized individuals to bypass security restrictions. This blog details the initial access method, the tools used to execute their operations, and an analysis of the Mallox ransomware.