Category Archives: Hacking Groups

How Russian hackers breached Microsoft’s network using password spraying

Microsoft has revealed that a state-sponsored Russian hacking group, known as Midnight Blizzard, accessed some of its corporate email accounts and stole some emails and documents from senior executives and employees working in security and legal teams. The breach, which occurred in late November 2023 and was discovered on January 12, 2024, was the result… Read More »

Multiple U.S. Government IIS Servers Have Fallen Victim to Cyber-Attacks

The cybersecurity landscape continues to witness sophisticated attacks targeting critical infrastructure. In a concerning development a few months ago, multiple U.S. Government IIS servers fell victim to cyber-attacks exploiting vulnerabilities in Progress Telerik software. In this article, I aim to provide a comprehensive overview of the attacks, technical details, threat actor activity, and… Read More »

Cyber Espionage and International Law: Chinese State-Sponsored Cyber Activities

As technology advances, so does the intricacy and sophistication of cyber operations. This trend creates an urgent need for robust regulatory frameworks, particularly concerning international law and cyber activities. Recent episodes of state-sponsored cyber espionage, most notably those attributed to the Chinese Communist Party, have thrown this necessity into sharp relief. The spectrum of these… Read More »

Cyber Gavel: The Dilemma of Injunctions in an Age of Digital Shadows

The digital age has ushered in new frontiers, bringing with it an uptick in cybersecurity breaches. When faced with such incidents, the affected parties often turn to the judiciary to help manage and mitigate the damage. However, securing an injunction against unidentified individuals—“against persons unknown” or, in an American context, a “John Doe” injunction—in… Read More »

Department of Defense Unveils 2023 Cyber Strategy to Safeguard the Nation

Introduction This week, the Department of Defense (DoD) delivered its highly anticipated classified 2023 DoD Cyber Strategy to Congress. This comprehensive strategy outlines the Department’s approach to operating in and through cyberspace, with the aim of safeguarding the American people and advancing the defense priorities of the United States. The strategy builds upon previous initiatives,… Read More »

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

Microsoft has detected stealthy and targeted malicious attacks that are primarily focused on accessing credentials and exploring network systems following a successful compromise. These operations target essential infrastructure organisations in the United States and are orchestrated by Volt Typhoon, a China-based state-sponsored actor that engages in information gathering and espionage.… Read More »

Understanding “Living Off the Land” Techniques in Cybersecurity

Cyber threats have become more sophisticated and harder to detect. Among evolving cyber threats, one strategy stands out for its stealth and efficacy: the “Living Off the Land” (LOTL) technique. As the cyber threat landscape continues to evolve, understanding such tactics becomes paramount for businesses and individuals alike. What is Living Off the Land? In… Read More »