Webhook | Breaking Cybersecurity News | The Hacker News

The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages. APT28, also known by the names BlueDelta, Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, ITG05, Pawn Storm, Sednit, Sofacy, and TA422, is an advanced persistent threat (APT) group affiliated with Russia's strategic military intelligence unit, the GRU. The hacking crew operates with a high level of stealth and sophistication, often demonstrating their adaptability through deep preparedness and custom tooling, and relying on legitimate internet services (LIS) and living off-the-land binaries (LOLBins) to conceal their operations within regular network traffic. "From April to December 2023, BlueDelta deployed Headlace malware in three distinct phases using geofencing techniques to target networks throughout Europe with a heavy focus on Ukraine," Recorded Future's Insikt

Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called  APT28 . "The campaign sent emails with content intended to arouse the recipient's interest and persuade him to click on the link," the computer emergency response team, CERT Polska,  said  in a Wednesday bulletin. Clicking on the link redirects the victim to the domain run.mocky[.]io, which, in turn, is used to redirect to another legitimate site named webhook[.]site, a  free service  that allows developers to inspect data that's being sent via a webhook, in an effort to evade detection. The next step involves the download of a ZIP archive file from webhook[.]site, which contains the Windows Calculator binary that masquerades as a JPG image file ("IMG-238279780.jpg.exe"), a hidden batch script file, and another hidden DLL file ("WindowsCodecs.dll"). Should a victim run the application, the malic

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.