Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Essential Insights
- Target and Technique: A Chinese-speaking APT group, tracked as UAT-7237, is targeting Taiwan’s web infrastructure using customized open-source tools to maintain long-term access to high-value environments since at least 2022.
- Attack Methodology: The group employs unique tactics including a custom shellcode loader, "SoundBill," deploying Cobalt Strike as a primary backdoor, and using SoftEther VPN for persistent access, deviating from typical methods used by their associated subgroup, UAT-5918.
- Exploitation Process: UAT-7237 exploits unpatched security flaws, conducts reconnaissance to target systems, and utilizes tools like JuicyPotato and Mimikatz for privilege escalation and credential extraction, while also altering Windows Registry settings…
DLH Holdings Corp., a leading provider of digital transformation and cyber security, science research and development, and systems engineering and integration, announced that it has been awarded a task order valued at up to $46.9 million to continue providing information technology services including enterprise IT systems management, cyber security, software development, cloud computing, and more to the National Institutes of Health’s Office of Information Technology (“OIT”). OIT plays a central role in providing and supporting the information technology resources necessary to execute NIH’s critical health missions. Cyber Technology Insights : CrowdStrike Introduces Falcon Next-Gen Identity Security to Safeguard Every Identity Across Hybrid Environments…
Top Highlights
- Key Points: Manufacturers view cybersecurity as their third highest risk, following inflation and economic growth, according to a Rockwell Automation report.
- Over half of manufacturers prioritize securing operational technology (OT) assets, with nearly two-thirds already using or planning to deploy security platforms.
- More than 60% of IT professionals in manufacturing intend to adopt AI or machine learning to bolster security in the next year.
- The rise in cyber threats, highlighted by recent significant attacks like Colonial Pipeline and Clorox, has led to increased emphasis on cybersecurity as a business priority.
Rising Cyber Threats in Manufacturing: Manufacturers now rank…
Essential Insights
- Cyberattack Details: Colt Technology Services experienced a major cyberattack starting August 12, leading to an outage of services, including Colt Online and Voice API platforms, as IT staff work to mitigate the effects.
- Impact on Services: Initially reported as a “technical issue,” the extent of the disruption forced Colt to take specific systems offline, affecting customer communication and support operations, with no timeline for restoration.
- Threat Actor’s Claim: The WarLock ransomware group, led by someone using the alias ‘cnkjasdfgd,’ claims responsibility for the attack, threatening to sell stolen data and alleging a significant breach of sensitive company information.…
Islam brings unique strengths at the intersection of security, networking, and AI
Corelight, the fastest-growing provider of network detection and response (NDR) solutions, announced that veteran security researcher Ali Islam has joined the company to lead Corelight Labs, focused on delivering industry-leading AI-driven data and detections to enable complete, detailed monitoring of enterprise network activity for threat hunting, analysis, and response. Corelight Labs is a research and development team within Corelight focused on creating new ways to deepen network visibility and provide powerful analytics to strengthen cybersecurity. The team develops cutting-edge content and techniques for threat hunting, analysis, and response by leveraging…
Former HSBC Global Head of Advanced Analytical Products Cybersecurity Brennan Lodge joins as Fractional CISO, with Craig Stancil and Fred Smith adding depth in product and growth
DeepTempo, a pioneer in behavioral threat detection powered by deep learning, announced three key additions to its leadership team. These hires strengthen DeepTempo’s capacity to meet growing enterprise demand for real-time, behavior-first security that outpaces AI-powered threats. As enterprises face a surge of polymorphic, evasive, and AI-enabled threats, DeepTempo is scaling its leadership to match. The company’s detection platform, Tempo, is powered by DeepTempo’s own LogLM, built in-house from the ground up, alongside…
Fast Facts
- Identity Theft for Sale: A hacker named ‘mydocs’ is selling tens of thousands of stolen Italian passports and ID cards, obtained from hotels, on a cybercrime forum.
- Federal Court System Breach: Russian hackers are believed to be behind an infiltration of the U.S. federal court filing system, compromising sealed records, particularly those related to individuals with Russian and Eastern European names.
- Ghanaian Scammers Extradited: Several members of a Ghana-based criminal organization, allegedly responsible for over $100 million in romance and business email compromise scams, have been extradited to the U.S.
- Critical Cybersecurity Threats: Significant vulnerabilities were patched in…
Now Available in the ConnectWise Marketplace, Absolute Resilience for MSPs Provides Recovery, Compliance, and Protection for MSP-Managed Endpoint Devices
Absolute Security, a leader in enterprise cyber resilience, announced that Absolute Resilience for MSPs has launched a newly certified integration with ConnectWise RMM on the ConnectWise Asio platform. For more details on this new integration, please visit the ConnectWise Marketplace, which connects Managed Service Providers (MSPs) with a vast ecosystem of third-party integrations designed to enhance their service offerings and drive business growth. In today’s digital ecosystem, organizations face ransomware, data breaches, and complexity-driven incidents that can cause prolonged disruptions and negatively…
Top Highlights
- Security Urgency: Plex has alerted users to urgently update their Media Servers (versions 1.41.7.x to 1.42.0.x) due to a recently patched security vulnerability, though no CVE-ID has been assigned yet.
- User Notification: The company communicated the need for rapid updates via email, indicating the vulnerability could be exploited if not addressed quickly.
- Patch Availability: An updated version, Plex Media Server 1.42.1.10060, can be downloaded from the server management or official downloads page, providing necessary protective measures against the flaw.
- Historical Context: This incident marks a significant proactive approach by Plex, given its history of critical vulnerabilities and prior…
Tessell, the multi-cloud database-as-a-service (DBaaS) platform helping enterprises modernize databases and applications at scale, announced that it has successfully achieved Payment Card Industry Data Security Standard (PCI DSS) version 4.1 certification, the most rigorous standard for securing cardholder data globally. This milestone marks a significant advancement in Tessell’s mission to provide enterprise-grade security and compliance for customers operating in highly regulated industries. PCI DSS 4.1 introduces stronger authentication, continuous risk assessments, and adaptive security requirements, raising the bar for any cloud provider handling sensitive data. Tessell’s early certification signals its enterprise-readiness and platform maturity. Cyber Technology Insights : CrowdStrike Introduces Falcon Next-Gen…