
Cyberint

The Kings of Brute-Force and DDoS: Meet KillNet

Traditionally, hacktivists were thought of as ideologically motivated threat actors, unaffiliated with nation-states. Recently, however, according to Cyberint research, the lines have blurred. There are now several hacktivist groups that align with specific nation-states. One example is the KillNet hacktivist group. KillNet is a hacktivist group aligned with Russia that gained significant attention at the onset of the Russia-Ukraine conflict.

Dark Pink APT Attacks

A recent wave of advanced persistent threat (APT) attacks is spreading throughout the Asia-Pacific (APAC) region, and these have been attributed to a newly identified group known as Dark Pink (also referred to as the Saaiwc Group). While evidence suggests that Dark Pink commenced its operations as early as mid-2021, the group’s activities escalated notably in the latter part of 2022.

The New InfoStealer in Town: The Continental Stealer

In the last several days, a new info stealer known as the “Continental stealer” has gained traction in dark web forums. This stealer has the potential to become one of the more powerful participants in the InfoStealer industry, thanks to its simple and easy-to-use architecture. In this report, we will review the stealer infrastructure, features, and functionality.

All About That 8Base Ransomware Group: The Details

Last seen on November 2nd, 8Base is a ransomware collective that initiated its operations in April 2022. Despite its relatively short time in the cyber landscape, the group has swiftly garnered a reputation for its forceful strategies and the substantial volume of victims it has affected. Its primary focus centers on small and medium-sized businesses (SMBs) across diverse sectors such as business services, retail, finance, manufacturing, and information technology.

Critical Confluence Vulnerability - CVE-2023-22518

On October 31st, Atlassian disclosed a significant security vulnerability tracked as CVE-2023-22518, affecting all versions of Confluence Data Center and Confluence Server software. This vulnerability, rated with a critical severity score of 9.1 in the Common Vulnerability Scoring System (CVSS), has the potential to result in substantial data loss if exploited by threat actors. Its critical nature arises from its capacity to inflict severe consequences on an organization’s data integrity.

Akira Ransomware: What SOC Teams Need to Know

One of the ransomware rising stars (or should we say villains) of 2023 has been Akira. It was first discovered in March 2023, and since then Akira has already compromised at least 63 victims. Interestingly, Akira is offered as ransomware-as-a-service, and preliminary research suggests a connection between the Akira group and threat actors associated with the notorious ransomware operation Conti.

Cyberint Named as Frost & Sullivan's 'Company of the Year' in the Global External Risk Mitigation and Management Industry

Cyberint’s holistic approach offers unmatched visibility, in-depth threat insights, and continuous risk monitoring with an unparalleled market understanding, according to Frost & Sullivan. Tel Aviv, Israel – November 1st, 2023 – Cyberint, the leader in impactful intelligence, is proud to announce that it has been recognized as the “Company of the Year” in the Global External Risk Mitigation & Management (ERMM) industry by Frost and Sullivan.

Top Asian/APAC Cybersecurity Threats of 2023

When it comes to cybersecurity in Asia today, some of the key threats that organizations face – like ransomware and phishing – are consistent risks that all cybersecurity teams are surely familiar with. But others are more fluid and may evolve rapidly. Cyberattacks related to hacktivism, for example, are a growing threat in the APAC region, and generative AI technology is also impacting Asia cybersecurity challenges in novel ways.

What You Need to Know About the October OKTA Breach

Okta, a provider of identity and authentication management services, reported that threat actors were able to access private customer data by obtaining credentials to its customer support management system. According to Okta’s Chief Security Officer, David Bradbury, the threat actor had the capability to view files uploaded by specific Okta customers in recent support cases.