Vietnamese security firm GTSC warned of an attack campaign using a new zero-day affecting Microsoft Exchange servers that can lead to remote code execution.

The activity appears to have been done for espionage purposes and Mandiant believes it has a “nexus to China,” an assessment that was made with only low confidence.

Akamai uses automation to identify the newest malicious DNS domains and mitigate them with a very short mean-time-to-detect.

The Ukrainian Ministry of Defense believes that the Russian military will supplement cyberattacks with physical and kinetic strikes against electric facilities.

A new HHS alert sheds light on past and current spear-phishing and supply chain attacks against healthcare and pharma sectors by the Chinese state-backed threat group.

Companies need to review critical subnets and IP spaces, and ensure they have an “always-on” mitigation posture.

Secureworks researchers say Iranian group Cobalt Mirage's exploits of ProxyShell vulnerabilities primarily opportunistic as opposed to targeted.

Said Mandiant's senior vice president of strategy and alliances: "I recognize that at critical points in my life people leant me a hand, and I want to do that for others."

The DDoS attacks by an unknown group were riddled with anti-Russian messages, prompting security researchers to connect the incident to the Russia-Ukraine war.

Security researchers say while Worok has focused its attacks on bank and local governments in Asia and Africa, the threat group could change course at any time.