DragonForce actors target SimpleHelp vulnerabilities to attack MSP, customers
Ransomware actor exploited RMM to access multiple organizations; Sophos EDR blocked encryption on customer’s network
Similar Posts
Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks
Bys sCybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. “Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents,” Qualys security researcher Akshay Thorve said in a technical report. “The attack chain…
Dangerous hacker responsible for more than 40 cyberattacks on strategic organizations arrested
Bys sJoint operation of the National Police and the Civil Guard press release: The suspect, who claimed responsibility for the intrusions into dark web forums, managed to access the computer services of public and private entities, including the Civil Guard, the Ministry of Defense, the National Mint and Stamp Factory, the Ministry of Education, Vocational Training…
How to Build a Lean Security Model: 5 Lessons from River Island
Bys sIn today’s security landscape, budgets are tight, attack surfaces are sprawling, and new threats emerge daily. Maintaining a strong security posture under these circumstances without a large team or budget can be a real challenge. Yet lean security models are not only possible – they can be highly effective. River Island, one of the UK’s…
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit
Bys sA new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox (aka Void Arachne), citing similarities in tradecraft with previous campaigns attributed…
How a hacking campaign targeted high-profile Gmail and WhatsApp users across the Middle East
Bys sZack Whittaker reports: On Tuesday, U.K.-based Iranian activist Nariman Gharib tweeted redacted screenshots of a phishing link sent to him via a WhatsApp message. “Do not click on suspicious links,” Gharib warned. The activist, who is following the digital side of the Iranian protests from afar, said the campaign targeted people involved in Iran-related activities, such as……
Texas Health and Human Services Commission Notifies Additional Individuals Regarding Insider Wrongdoing Breach
Bys sThere’s an update to an insider data breach previously announced in January 2025. Yesterday’s announcement brings the new total affected to almost 95,000 people. April 30, 2025. AUSTIN – The Texas Health and Human Services Commission is notifying an additional 33,529 recipients of agency services and other affected individuals that their protected health, personal identifying…