BotNet News

Welcome to Cyberthreat News, a weekly update on threats impacting business and society around the world.

A ransomware attack wiped four months of data from the Sri Lankan government’s cloud services system, highlighting the need to prepare for and mitigate such attacks.

The Lazarus APT group breached three European defense firms to steal specialized knowledge on single-rotor drone components, showing how attackers can target specific industry sectors and use social engineering techniques to infiltrate systems.

Chinese cyber espionage surged in 2024, targeting financial, media, manufacturing, and industrial sectors. The country’s cyberespionage capabilities continue to improve, with attacks leveraging more sophisticated techniques and improved command-and-control.

Cybercriminals are selling a stolen data set that purportedly includes personal identification information for half a billion Chinese citizens and classified documents. The set was sold on underground forums for $1,500 per record, illustrating the growing market for stolen data.

Vietnamese hackers targeted congressional staff members, including chairmen of the House Foreign Affairs and Senate Homeland Security and Governmental Affairs Committees, with malware that attempted to steal their calls and text messages. The attack was aimed at raising funds for political purposes.

A malware campaign exploiting a remote code execution vulnerability in Cisco Unified Communications Manager Server (UCM) was discovered and analyzed by Push Security, who found 18 kits and 37x spikes in detections. Join Push Security VP of R&D Luke Jennings for an attacker-side demo and breakdown of the kits we’re tracking in the wild.