Malicious actors leveraged a tool linked to a Chinese cyberespionage operation to facilitate an RA World ransomware intrusion against an Asian software and services organization in November, Security Affairs reports.
Bulletproof hosting service Zservers/XHost had 127 of its servers confirmed to be sequestered by the Dutch police just days after the service was sanctioned by the U.S., UK, and Australian authorities over its association with the LockBit ransomware operation, according to The Record, a news site by cybersecurity firm Recorded Future.
Attacks leveraging PowerShell and Dropbox have been deployed by North Korean state-backed advanced persistent threat operation Kimsuky against South Korean government, business, and cryptocurrency firms as part of the DEEP#DRIVE campaign, which may have been ongoing since September, The Hacker News reports.
Threat cluster REF7707 has compromised a South American country's foreign ministry and a Southeast Asian university and telecommunications organization in intrusions involving the new FINALDRAFT malware, reports The Hacker News.