ThreatsHub Cybersecurity News

Microsoft detected a large-scale malvertising campaign in early December 2024 that impacted nearly one million devices globally. The attack originated from illegal streaming websites embedded with malvertising redirectors and ultimately redirected users to GitHub to deliver initial access payloads as the start of a modular and multi-stage attack chain.
The post Malvertising campaign leads to info stealers hosted on GitHub appeared first on Microsoft Security Blog. READ MORE HERE…

The Register

March 6, 2025 TH Author

Cybereason CEO leaves after months of boardroom blowups

Complaint alleges 13 funding proposals foundered amid battle for control Eric Gan is no longer CEO of AI security biz Cybereason after what appears to have been a protracted and unpleasant fight with investors, including the SoftBank Vision Fund and Liberty Strategic Capital.… READ MORE HERE…

ZDNet | Security

March 6, 2025 TH Author

The best VPN routers of 2025

Looking for a router that can provide full, convenient VPN coverage at home? These are the best routers that support VPN installation or include pre-installed software.READ MORE HERE…

The Register

March 5, 2025 TH Author

Apple drags UK government to court over ‘backdoor’ order

A first-of-its-kind legal challenge set to be heard this month, per reports Updated Apple has reportedly filed a legal complaint with the UK’s Investigatory Powers Tribunal (IPT) contesting the British government’s order that it must forcibly break the encryption of iCloud data.… READ MORE HERE…

The Register

March 5, 2025 TH Author

China’s Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets

They’re good at zero-day exploits, too Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing attacks targeting IT companies and state and local government agencies since late 2024, according to Microsoft Threat Intelligence.… READ MORE HERE…

Microsoft Secure

March 5, 2025 TH Author

Silk Typhoon targeting IT supply chain

Silk Typhoon is a Chinese state actor focused on espionage campaigns targeting a wide range of industries in the US and throughout the world. In recent months, Silk Typhoon has shifted to performing IT supply chain attacks to gain access to targets. In this blog, we provide an overview of the threat actor along with insight into their recent activity as well as their longstanding tactics, techniques, and procedures (TTPs), including a persistent interest in the exploitation of zero-day vulnerabilities in various public-facing appliances and moving from on-premises to cloud environments.
The post Silk Typhoon targeting IT supply chain appeared first on Microsoft Security Blog. READ MORE HERE…

The Register

March 5, 2025 TH Author

Ransomware thugs threaten Tata Technologies with leak if demands not met

Hunters International ready to off-shore 1.4 TB of info allegedly swiped from Indian giant A subsidiary of Indian multinational Tata has allegedly fallen victim to the notorious ransomware gang Hunters International.… READ MORE HERE…

TrendMicro

March 5, 2025 TH Author

From Event to Insight: Unpacking a B2B Business Email Compromise (BEC) Scenario

Trend Micro™ Managed XDR assisted in an investigation of a B2B BEC attack that unveiled an entangled mesh weaved by the threat actor with the help of a compromised server, ensnaring three business partners in a scheme that spanned for days. This article features investigation insights, a proposed incident timeline, and recommended security practices. Read More HERE…

ZDNet | Security

March 4, 2025 TH Author