IT Security Newsletter - 2/21/2025
Cisco Details 'Salt Typhoon' Network Hopping, Credential Theft Tactics
Researchers in Cisco's threat intelligence unit say the Chinese state-sponsored hacking group Salt Typhoon successfully broke into US telco networks via old, unpatched vulnerabilities, stolen login credentials and basic 'living-off-the-land' (LOTL) tactics. A fresh report from the Cisco Talos Intelligence Group provides official confirmation that in at least one incident Salt Typhoon exploited CVE-2018-0171, a remote code execution vulnerability in Cisco's Smart Install feature. READ MORE...
Black Basta ransomware gang's internal chat logs leak online
An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation. ExploitWhispers, the individual who previously uploaded the stolen messages to the MEGA file-sharing platform (where they have since been removed), has now posted the archive to a dedicated Telegram channel. It's not yet clear whether ExploitWhispers is a security researcher who gained access to the gang's internal chat server or a disgruntled member. READ MORE...
US minerals company says crooks broke into email and helped themselves to $500K
A NASDAQ-listed US minerals company says cybercriminals broke into its systems on Valentine's Day and paid themselves around $500,000 - money earmarked for a vendor. In what sounds like a textbook business email compromise (BEC) scheme, NioCorp Developments told regulators on Wednesday that cybercrooks broke into its information systems, including "portions of its email systems," and misdirected a cool half a million dollars (approximately). READ MORE...
Google Docs used by infostealer ACRStealer as part of attack
An infostealer known as ACRStealer is abusing legitimate platforms such as Google Docs and Steam as part of its attack chain, according to researchers. ACRStealer is typically distributed via the tried and tested method of posing as downloads for cracks and keygens used in software piracy. The infostealer has been around since mid-2024 (as a beta test), but it has only really taken off in 2025. ACRStealer is capable of: READ MORE...
How China Pinned University Cyberattacks on NSA Hackers
Chinese government agencies and private firms attributed cyberattacks aimed at the country's Northwestern Polytechnical University to the United States' National Security Agency (NSA) based on IPs, incident timeline, keyboard input, human error, and deployed tools, a security researcher reports. In September 2022, China's National Computer Virus Emergency Response Center (CVERC) accused the NSA of tens of thousands of cyberattacks against networks in the country. READ MORE...
Proof-of-concept exploit released for 4 Ivanti vulnerabilities
Horizon3.ai researchers on Wednesday released technical details and a proof-of-concept (PoC) exploit for four critical Ivanti vulnerabilities that were first disclosed and patched last month. The absolute path-traversal flaws affect Ivanti Endpoint Manager and, according to Horizon3.ai, could allow unauthenticated attackers to coerce the Ivanti EPM machine account credential into being used in relay attacks, potentially leading to server compromise. READ MORE...
- ...in 1946, actor Alan Rickman ("Die Hard", "Harry Potter") is born in London, England.
- ...in 1972, US President Richard Nixon visits the People's Republic of China, opening diplomatic relations between the two nations.
- ...in 1979, comedian and filmmaker Jordan Peele ("Key & Peele", "Get Out") is born in New York City.
- ...in 1995, adventurer Steve Fossett lands in Saskatchewan, Canada, becoming the first person to complete a solo balloon flight across the Pacific Ocean.