A new espionage actor is breaching corporate networks to steal emails from employees involved in big financial transactions like mergers and acquisitions. Mandiant, which first discovered the advanced persistent threat (APT) group in December 2019 and now tracks it as “UNC3524”, says that while the group’s corporate targets hint at
In June of last year, Cox Media Group (CMG) IT systems and live streams were the targets of a ransomware attack. The Microsoft Threat Intelligence Center (MSTIC) has attributed the attack to an Iranian threat actor, codenamed DEV-0270, a group linked to multiple intrusions of US companies. The attack is part of larger trends in Iranian hacker activity globally that MSTIC has identified. This attribution is also one of many Log4Shell vulnerability headlines of the last three weeks, as DEV-0270 (also known as Phosphorus) exploited Log4Shell in Log4j for initial access to the CMG systems.