Suspected Russian nation-state threat groups have duped multiple victims into granting potentially persistent access to networks via authentication requests and valid tokens.

Jackie Burns-Koven, Head of Cyber Threat Intelligence at Chainalysis

The Chinese nation-state threat group intruded five additional telecom networks between December and January, including two unnamed providers in the U.S., Recorded Future researchers said.

A subgroup of Seashell Blizzard exploited public vulnerabilities in internet-facing systems, Microsoft researchers said.

Zservers, a Russia-based company, along with two employees, allegedly ran specialized servers tied to ransomware attacks.

The multi-national law enforcement operation targeted the 8base ransomware gang.

A widely used python module for machine-learning developers can be loaded with malware and bypass detection measures.

Chainalysis says a combination of law enforcement actions and better defenses led to less money going out to ransomware actors.

The Common Vulnerability Scoring System has a lot of critics, but experts say it’s still the best unified way to share the severity of cybersecurity flaws.

Elon Musk’s takeover of key systems across the federal government is ignoring decades of laws, regulations and procedures, experts told CyberScoop.