Threat Intelligence Executive Report – Volume 2025, Number 5
This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during July and August
The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in Brazil, India, and Southeast Asia since 2023. “The threat actor mainly targets the SQL injection vulnerabilities discovered on web applications to access the SQL servers of…
YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users. “What’s intriguing about this malware is how much it collects,” Kaspersky said in an analysis. “It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck,…
Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD’s importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, it represents the holy grail: compromise Active
Pierluigi Paganini reports: Japanese authorities released a free decryptor for Phobos and 8Base ransomware, allowing victims to recover files without paying. Japanese police released the free decryptor for ransomware families, which was likely built using intel from a recent gang takedown. The software can be downloaded from the police website and Europol’s NoMoreRansom site. The tool works on files with extensions like .phobos,…
Defendants Spent $4M at Nightclubs, $9M on Exotic Cars. WASHINGTON – A four-count superseding indictment, unsealed today in U.S. District Court, charges 12 additional people – Americans and foreign nationals – for allegedly participating in a cyber-enabled racketeering conspiracy throughout the United States and abroad that netted them more than $263 million. Several were arrested…
Yet another reminder of the insider threat: a press release from the Department of Justice. Ironically, this insider worked for the Insider Threat Division of the Defense Intelligence Agency. An IT specialist employed by the Defense Intelligence Agency (DIA) was arrested today for attempting to transmit national defense information to an officer or agent of…