⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips

The online world never takes a break, and this week shows why. From ransomware creators being caught to hackers backed by governments trying new tricks, the message is clear: cybercriminals are always changing how they attack, and we need to keep up. Hackers …
Thea Metz · about 20 hours ago · 3 minutes read


Cybersecurity Weekly Recap

LockBit Developer Arrested

Rostislav Panev, the alleged developer of the LockBit ransomware operation, has been arrested in the U.S. and charged for his role in netting over $230,000 in illicit gains. Law enforcement efforts continue to dismantle cybercriminal networks, bringing perpetrators to justice.

Lazarus Group Evolves Tactics

The North Korea-linked Lazarus Group remains active, targeting nuclear engineers with the CookiePlus malware. Their evolving tactics underscore the growing sophistication and threat diversity employed by malicious actors.

APT29 Uses Open-Source Tool

The Russian state-sponsored APT29 group has repurposed an open-source attack tool to establish intermediate servers for remote access and data exfiltration, demonstrating the adaptability of cybercriminals in exploiting legitimate technologies for malicious purposes.

Serbian Journalist Targeted by Spyware

An independent Serbian journalist has fallen victim to a combination of forensic and spyware attacks, raising concerns over the use of invasive technologies to suppress civil society members.

The Mask Makes a Comeback

The elusive cyber espionage actor known as The Mask has resurfaced, targeting a Latin American organization twice in recent years. The group employs a range of malware to harvest sensitive data.

Trending CVEs

Several high-profile software flaws have been reported, including critical vulnerabilities in Sophos Firewall, Fortinet FortiClient EMS, BeyondTrust Privileged Remote Access, and Rockwell Automation PowerMonitor 1000. Update your systems promptly to address these security gaps.

Around the Cyber World

Recorded Future Labeled "Undesirable" in Russia

Russia has designated U.S. threat intelligence firm Recorded Future as an "undesirable" organization, accusing it of aiding cyberattacks against Russia.

China Accuses U.S. of Cyber Attacks

The Chinese government has alleged that the U.S. government has conducted cyber attacks against Chinese technology firms to steal sensitive information.

New Android Spyware Found on Amazon Appstore

Researchers have discovered new Android malware that infiltrated the Amazon Appstore, disguised as a BMI calculator. It collected sensitive data and stealthily recorded screen activity.

HeartCrypt Packer-as-a-Service Exposed

A packer-as-a-service called HeartCrypt has been offered for sale, enabling malware developers to protect malicious payloads. The operation has packed over 2,000 malware instances, involving approximately 45 different malware families.

Industrial Systems Targeted in New Malware Attacks

Malware targeting industrial systems has been detected, including on Siemens and Mitsubishi engineering workstations (EWSs). These attacks highlight the increasing risk to critical infrastructure.

Expert Webinar

Preparing for the Next Wave of Ransomware in 2025

Join Emily Laufer and Zscaler ThreatLabz to explore the latest ransomware trends and proactive strategies to mitigate them.

Cybersecurity Tools

AttackGen

AttackGen utilizes AI models and the MITRE ATT&CK framework to create tailor-made incident response scenarios, enhancing preparedness for cyber threats.

Brainstorm

Brainstorm enhances web fuzzing by employing local AI models and generating smart guesses for hidden files and API endpoints, increasing efficiency.

GPOHunter

GPOHunter detects and remedies security flaws in Active Directory Group Policy Objects, improving the resilience of your environment.

Tip of the Week

Don't Let Hackers Peek into Your Cloud

To secure your cloud storage, take proactive measures such as auditing for weaknesses, controlling access, and encrypting your data. Tools like ScoutSuite, Cloud Custodian, and rclone can facilitate these steps.

Conclusion

Holiday Cybersecurity

Secure your online holiday celebrations by implementing these tips:

  • Set strong passwords and update software on smart gifts.
  • Use official tracking links to avoid package delivery scams.
  • Update weak passwords on your various accounts.
  • Activate parental controls and create unique account details for gaming devices.

Let's embrace the spirit of the season while prioritizing cybersecurity for a safe and joyful holiday experience.