The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others said.
Author: Jai Vijayan, Contributing Writer
‘Stargazer Goblin’ Amasses Rogue GitHub Accounts to Spread Malware
The threat group uses its "Stargazers Ghost Network" to star, fork, and watch malicious repos to make them seem legitimate, all to distribute a variety of notorious information-stealers-as-a-service.
Sprawling CrowdStrike Incident Mitigation Showcases Resilience Gaps
A painful recovery from arguably one of the worst IT outages ever continues, and the focus is shifting to what can be done to prevent something similar from happening again.
Novel ICS Malware Sabotaged Water-Heating Services in Ukraine
Newly discovered "FrostyGoop" is the first ICS malware that can communicate directly with operational technology systems via the Modbus protocol.
China’s APT41 Targets Global Logistics, Utilities Companies
According to Mandiant, among the many cyber espionage tools the threat actor is using is a sophisticated new dropper called DustTrap.
Threat Actors Ramp Up Use of Encoded URLs to Bypass Secure Email
The tactic is not new, but there has been a steady increase in its use as of this spring.
Orgs Are Finally Making Moves to Mitigate GenAI Risks
With AI use ramping up rapidly, a growing number of enterprise security teams have begun putting controls in place to protect sensitive data from accidental exposure and leaks.
Cloud Security, PowerShell Expertise Emerge as Key SOC Analyst Skills
SOC analysts should also cultivate skills like incident handling and response, threat hunting, digital forensics, Python, and bash scripting.
GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln
The bug (CVE-2024-6385) is similar — but not identical — to a critical flaw GitLab patched just two weeks ago.
Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months
Likely two separate threat actors are using the just-patched CVE-2024-38112 in targeted, concurrent infostealer campaigns.