security

soc

Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System

06.04.2026

Executive summary People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military infrastructure networks. While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) routers, they also leverage compromised […]

Mehr lesen →

soc

Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider

06.04.2026

Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp […]

Mehr lesen →

security

ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)

06.04.2026

Mehr lesen →

security

TeamPCP Supply Chain Campaign: Update 001 – Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)

06.04.2026

This is the first update to the TeamPCP supply chain campaign threat intelligence report, „When the Security Scanner Became the Weapon“ (v3.0, March 25, 2026). That report covers the full campaign from the February 28 initial access through the March 24 LiteLLM PyPI compromise. This update covers developments since publication.

Mehr lesen →

security

ISC Stormcast For Thursday, March 26th, 2026 https://isc.sans.edu/podcastdetail/9866, (Thu, Mar 26th)

06.04.2026

Mehr lesen →

security

ISC Stormcast For Tuesday, March 31st, 2026 https://isc.sans.edu/podcastdetail/9872, (Tue, Mar 31st)

06.04.2026

Mehr lesen →

security

DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)

06.04.2026

A lot of the information seen on DShield honeypots [1] is repeated bot traffic, especially when looking at the Cowrie [2] telnet and SSH sessions. However, how long a session lasts, how many commands are run per session and what the last commands run before a session disconnects can vary. Some of this information could […]

Mehr lesen →

security

ISC Stormcast For Monday, March 30th, 2026 https://isc.sans.edu/podcastdetail/9870, (Mon, Mar 30th)

06.04.2026

Mehr lesen →

security

TeamPCP Supply Chain Campaign: Update 003 – Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)

06.04.2026

This is the third update to the TeamPCP supply chain campaign threat intelligence report, „When the Security Scanner Became the Weapon“ (v3.0, March 25, 2026). Update 002 covered developments through March 27, including the Telnyx PyPI compromise and Vect ransomware partnership. This update covers developments from March 27-28, 2026.

Mehr lesen →

security

TeamPCP Supply Chain Campaign: Update 002 – Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)

06.04.2026

This is the second update to the TeamPCP supply chain campaign threat intelligence report, „When the Security Scanner Became the Weapon“ (v3.0, March 25, 2026). Update 001 covered developments through March 26. This update covers developments from March 26-27, 2026.

Mehr lesen →

📅 Kalender