This cybersecurity recap highlights recent ransomware incidents, data breaches affecting millions, and the emergence of North Korean malware targeting macOS and crypto sectors. It also underscores ongoing geopolitical cyber cooperation and critical vulnerabilities in enterprise software, emphasizing the importance of timely patching and global collaboration. #HuntersInternational #KellyBenefits #Qantas #NimDoor #ITArmyOfRussia #Forminator #TeleMessage #CyberDome
Tag: CRITICAL INFRASTRUCTURE
Intelligence Group 13 is a key operational unit within Iran’s IRGC cyber command, integrating cyber-espionage, sabotage, and psychological warfare to conduct hybrid operations against adversaries. This group leverages a complex ecosystem of front companies and propaganda arms like CyberAveng3rs to execute covert intrusions, influence campaigns, and asymmetric retaliation targeting critical infrastructure and public perception. #IntelligenceGroup13 #CyberAveng3rs #ShahidKavehGroup #IRGCCyberCommand

Two new pro-Russian hacktivist groups, IT Army of Russia and TwoNet, have emerged to target Ukraine using DDoS attacks, data theft, and website defacements. These groups coordinate via Telegram, recruit insiders, and have claimed attacks on various Ukrainian and international targets, highlighting evolving tactics among Russian hacktivist actors. #ITArmyofRussia #TwoNet #Ukraine…

The cybercrime landscape in 2025 is heavily influenced by the Russia-Ukraine conflict, with pro-Russian hacktivist groups escalating attacks on Ukraine, NATO, and Western critical infrastructure. The involvement of groups like NoName057(16), IT Army of Russia, and TwoNet reflects a shift towards more aggressive cyber operations, including targeting industrial control systems. #NoName057(16)…

The Russia-Ukraine war has fueled increased pro-Russian hacktivist campaigns involving DDoS attacks, data theft, and website defacements targeting European and allied nations. Key groups like NoName057(16), IT Army of Russia, and TwoNet lead politically motivated cyberattacks, sometimes with suspected ties to Russian state actors. #NoName05716 #ITArmyofRussia #TwoNet #CyberArmyofRussiaReborn

Germany plans to enhance its cybersecurity collaboration with Israel by establishing a joint cyber research center called “Cyber Dome” and increasing cooperation between intelligence agencies. The initiative aims to improve cyber defenses, anti-drone systems, and emergency alert infrastructure amidst rising cyber tensions from Iran and other foreign threats. #CyberDome #IranianCyberattacks…

Pro-Iranian hackers threaten to release stolen emails linked to President Trump, but authorities dismiss the threat as a propaganda tactic. U.S. agencies warn of ongoing Iranian cyber threats targeting critical infrastructure and American interests. #IranianCyberattacks #TrumpEmails…

Since 2018, APT-C-36, known as Blind Eagle, has targeted Latin American organizations, especially in Colombia, using phishing campaigns and exploiting vulnerabilities like CVE-2024-43451. In a recent campaign detected by Darktrace in 2025, Blind Eagle used WebDAV-based payload delivery and dynamic DNS for command-and-control, leading to data exfiltration from a Colombian customer. #BlindEagle #APT-C-36 #CVE-2024-43451 #WebDAV #Remcos

Blind Eagle, also known as APT-C-36, has been targeting Colombian organizations and other Latin American sectors since 2018 using phishing campaigns and Remote Access Trojans with sophisticated methods to evade detection. A recent 2024-2025 campaign exploited a Microsoft Windows vulnerability via malicious URLs and leveraged the WebDAV protocol for payload delivery and data exfiltration, with Darktrace detecting suspicious activity and highlighting the need for autonomous response capabilities. #BlindEagle #APT-C-36 #Remcos #CVE-2024-43451
![Cybersecurity News | Daily Recap [03 Jul 2025]](https://www.hendryadrian.com/tweet/image/DailyRecap.png)
Recent cyberattacks target high-profile organizations like the International Criminal Court and Swiss government, exposing critical vulnerabilities and data breaches. Authorities disrupted North Korean IT schemes and dismantled global crypto fraud rings, highlighting ongoing threats from nation-state actors and cybercriminal groups. #ICC Cyberattacks #Sarcoma #DarkAngels #North Korean IT Scheme #Crypto Fraud

Johnson Controls experienced a significant ransomware attack in September 2023, resulting in data theft and operational disruption worldwide. The Dark Angels ransomware group was linked to this incident, demanding $51 million in ransom. #DarkAngels #JohnsonControls

The Federal Reserve System adopts a scenario-based, intelligence-driven approach to manage national-scale cyber threats and ensure operational resilience amid evolving risks, including ransomware and cloud disruptions. Tammy Hornsby-Fink highlights the importance of federal collaboration, vendor risk management, and enhanced cyber threat intelligence sharing to strengthen systemic financial stability. #FederalReserve #OperationalResilience

Several US agencies warn that Iranian threat actors are actively targeting critical infrastructure, especially industrial control systems (ICS) and operational technology (OT), with varied cyberattacks. The government urges organizations to improve security measures to mitigate these risks, as many vulnerable devices remain exposed on the internet. #IranianHackers #ICSThreats…

A joint cybersecurity alert warns that Iranian-affiliated actors are actively targeting U.S. infrastructure using various attack techniques. Organizations are urged to strengthen defenses against threats exploiting unpatched systems, default passwords, and exposed ICS/OT environments. #IRGC #CyberEspionage…

U.S. cyber agencies issued an urgent warning about potential cyberattacks from Iranian-affiliated hackers targeting critical infrastructure sectors including energy, water, and healthcare. The threat involves exploitation of vulnerabilities and use of ransomware, DDoS, and destructive malware, emphasizing the need for enhanced cybersecurity measures. #IranianThreatActors #IRGC #CriticalInfrastructure #Ransomware #DDoS