Defense
North Korean Lazarus hackers targeted European defense companies
North Korean Lazarus hackers compromised three European companies in the defense sector through a coordinated Operation DreamJob campaign leveraging fake recruitment lures. The threat group’s activity was detected in late March and targeted organizations involved in the development of unmanned aerial vehicle (UAV) technology. ‘Operation DreamJob’ is a long-running Lazarus campaign where the adversary, posing as […]
New EDR-Freeze tool uses Windows WER to suspend security software
A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft’s Windows Error Reporting (WER) system. The technique eliminates the need for a vulnerable driver and puts security agents like endpoint detection and response (EDR) tools into a state of hibernation. By using the WER framework together […]
Surge in network scans targeting Cisco ASA devices raises concerns
Large network scans have been targeting Cisco ASA devices, prompting warnings from cybersecurity researchers that it could indicate an upcoming flaw in the products. GreyNoise has recorded two significant scanning spikes in late August, with up to 25,000 unique IP addresses probing ASA login portals and also Cisco IOS Telnet/SSH. The second wave, logged on August 26, 2025, was […]
Spikes in malicious activity precede new security flaws in 80% of cases
Researchers have found that in roughly 80% of cases, spikes in malicious activity like network reconnaissance, targeted scanning, and brute-forcing attempts targeting edge networking devices are a precursor to the disclosure of new security vulnerabilities (CVEs) within six weeks. This has been discovered by threat monitoring firm GreyNoise, which reports these occurrences are not random, […]
Ukraine claims it hacked Tupolev, Russia’s strategic warplane maker
The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims it hacked the Russian aerospace and defense company Tupolev, which develops Russia’s supersonic strategic bombers. According to Ukrainian news outlets, a source within GUR said the military intelligence hackers breached Tupolev’s systems and stole 4.4 gigabytes of classified information. This stolen data includes personal […]
Engineering giant Smiths Group discloses security breach
London-based engineering giant Smiths Group disclosed a security breach after unknown attackers gained access to the company’s systems. Smiths is a British multinational listed on the London Stock Exchange that employs more than 15,000 people in over 50 countries. It also provides products to customers in the energy, safety, security, aerospace, and defense markets and reported […]
‘Bitter’ cyberspies target defense orgs with new MiyaRAT malware
A cyberespionage threat group known as ‘Bitter’ was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. MiyaRAT is used alongside the WmRAT malware, which is cyberespionage malware previously associated with Bitter. Proofpoint discovered the campaign and reports that the new malware is likely reserved for high-value targets, deployed only sporadically. Bitter […]
