New data from Microsoft shows that Nobelium, Thallium, and other nation-state attack groups are increasingly focusing on government agencies and NGOs.
Google researchers point to a resurgence in a decades-old session hijacking tactic, as seen in a recent phishing campaign.
A new email hijacking campaign by the TA551 attack group is installing the legitimate Sliver red-team tool as a payload, possibly for use in future ransomware operations.
Researchers observed known threat groups infecting victims with TrickBot for the first time in June, suggesting that the malware operators are expanding their distribution channels.
Researchers at VB2021 localhost gave an inside look into new malware families that the BlackTech espionage group is now using.