ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed
Reports provide structured accounts of cyber incidents, vulnerabilities, and controls, helping readers assess security risks and responses.
Search across headline titles and summaries.
Background for this topic.
A report is a documented account of an event, investigation, assessment, or analysis, supported by evidence and presented for others to review. In information security, the term commonly covers incident findings, vulnerability research, threat-intelligence assessments, audit results, and surveys of security practices. A useful report states its scope, methods, evidence, timeframe, and level of confidence rather than presenting conclusions without context.
Reports help practitioners prioritize remediation, validate controls, and improve incident response, but their details require careful interpretation. A vulnerability report should identify affected versions, exploit conditions, and mitigation steps; an incident report should distinguish confirmed facts from assumptions and protect sensitive personal or investigative data. Threat reports may contain indicators of compromise that need verification before being used in detection systems. Reports used for compliance or executive decisions should preserve a clear evidence trail, since incomplete scope, outdated findings, or undisclosed conflicts can lead to misplaced security priorities.
Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed
Also: Critical Infrastructure Security and Fortinet's Latest AcquisitionIn the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.
Attackers Demanding Up to $5 Million to Delete Stolen Data, Investigators ReportAttackers who stole terabytes of data from customers of Snowflake have been not only offering the data for sale on data leak marketplaces but also extorting some of the victims, demanding a ransom of $300,000 to $5 million each, security researchers report.
Publishing right before a major election is apparently just a coincidence A fresh report into the Nobelium offensive cyber crew published by France's computer emergency response team (CERT-FR) highlights the group's latest tricks as the country prepares for a major election and to host this year's Olympic and Paralympic Games.…
Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021
Different Countries Have Different Levels of Law Enforcement InvolvementThis year's Sophos State of Ransomware report reveals how reporting levels and official responses vary across 14 countries. The survey finds that reporting ransomware attacks is common, and victims almost always receive support as a result.
It's Time for Big Tech to Be Held Accountable for Rampant Online FraudFrom account takeover threats to fake investment schemes, it doesn't take much time on social media to stumble upon a scam. But if you try to report these bad actors to social platforms such as Facebook, you may have a hard time doing so. On Facebook, "scam" or "fraud" aren't reporting options.
New Report Says DOD Is Lagging in Procuring New Tech Amid Cybersecurity FailuresThe U.S. Department of Defense is struggling to rapidly test and deploy emerging technologies due to a series of cybersecurity and workforce challenges that hinder the Pentagon's process of acquiring weapon systems, according to a new Government Accountability Office report.
New Report Finds Chemical Firms Are Investing in Cyber, Raising CISO VisibilityChemical companies have significantly boosted their cyber budgets over the past five years, according to a 2023 cyber survey published Monday, as awareness of cybersecurity vulnerabilities has steadily risen across the industry and new U.S. and E.U. regulations loom on the horizon.
A scathing report by Australia's Information Commissioner details how misconfigurations and missed alerts allowed a hacker to breach Medibank and steal data from over 9 million people. [...]
A Barracuda report found that 92% of organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023
Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part of a growing trend of maturity in this field of cybersecurity, according to a new survey released this month by the Cloud Security Alliance (CSA)
Action1 reveals cybercriminals are increasingly targeting NGINX and Citrix load balancers
New report reveals China’s attempts to access leading AI research for military purposes