Sharpening the knife: GOLD BLADE’s strategic evolution
Updates include novel abuse of recruitment platforms, modified infection chains, and expansion into a hybrid operation that combines data theft and ransomware deployment
Similar Posts
Za: Cyber extortionist sentenced to eight years in jail
Bys sAdmire Moyo reports on an insider wrongdoing case in South Africa: In a landmark case, a man was last week sentenced to eight years in jail for contravening South Africa’s Cyber Crimes Act. Lucky Majangandile Erasmus (36), a former employee of Ecentric Payment Systems, was sentenced by the Specialised Commercial Crimes Court after entering into…
Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies
Bys sThe Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM) attack at the Internet Service Provider (ISP) level and delivering a custom malware dubbed ApolloShadow. “ApolloShadow has the capability to install a trusted root certificate…
From $5,000 to $800,000: Days Apart, OCR Security Settlements Show Puzzling Math
Bys sMore great reporting and analysis by Therese Defino of the Health Care Compliance Association (HCCA): A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different hospital…
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released
Bys sIvanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog. The critical-severity vulnerabilities are listed below – CVE-2026-1281 (CVSS…
No Need to Hack When It’s Leaking: App for outing Charlie Kirk’s critics leaked its users’ personal data
Bys sMikael Thalen reports: An app for anonymously reporting individuals accused of speaking ill against conservative activist Charlie Kirk leaked personal data about its users. The app, known as “Cancel the Hate,” was taken offline on Thursday amid an investigation into the data leak by Straight Arrow News. Launched in the wake of Kirk’s assassination on Sept. 10,……
Kelly Benefits updates its 2024 data breach report: impacts 550,000 customers
Bys sBill Toulas reports: Kelly & Associates Insurance Group (dba Kelly Benefits) is informing more than half a million people of a data breach that compromised their personal information. The Maryland-based health and life insurance agency has issued an update on a security incident it suffered last year between December 12-17, when unauthorized actors breached its IT…