BigBrother Blog 2025-2026


20.12.25 India Criminalizes Tampering with Telecommunication Identifiers and Unauthorized Radio Equipment Under the Telecommunications Act India’s Telecommunications Act punishes SIM tampering and possession of unauthorized equipment, boosting accountability and telecom cybersecurity. BigBrother blog Cyble

20.12.25 How to Operationalize NSA Guidance on UEFI Secure Boot at Scale The NSA’s newly released Guidance for Managing UEFI Secure Boot signals a long-overdue but critical shift: firmware-level security is no longer a footnote in cybersecurity policy; it’s front and center. For those of us who’ve spent years addressing firmware risks across the enterprise, the guidance is welcome and timely, as malware that bypasses Secure Boot has grown increasingly common. The NSA’s guidance adds visibility and credibility to an issue that is reaching a tipping point in urgency. BigBrother blog Eclypsium
13.12.25 New NIS-2 Law in Germany Expands Cybersecurity Oversight and Introduces Heavy Fines The NIS-2 Implementation Act in Germany increases oversight, executive accountability, and penalties while organizations prepare for compliance. BigBrother blog Cyble

6.12.25 Operation DupeHike: UNG0902 targets Russian employees with DUPERUNNER and AdaptixC2 Contents Introduction Key Targets. Industries Affected. Geographical Focus. Infection Chain. Initial Findings. Looking into the decoy-document Technical Analysis Stage 1 – Malicious LNK Script Stage 2 – DUPERUNNER Implant Stage 3 – AdaptixC2 Beacon. Infrastructural Artefacts. Conclusion SEQRITE Protection.... BigBrother blog Seqrite

29.11.25 Australia Releases 2025 Implementation Plan to Advance National Data and Digital Transformation Australia’s 2025 Implementation Plan drives progress in AI, data, service delivery and cybersecurity to strengthen the nation’s digital future. BigBrother blog Cyble
15.11.25 Crossed wires: a case study of Iranian espionage and attribution Between June and August 2025, Proofpoint began tracking a previously unidentified threat actor dubbed UNK_SmudgedSerpent targeting academics and foreign policy experts. BigBrother blog PROOFPOINT
8.11.25 Australia Strengthens Regional Cyber Partnerships to Bolster Security Across the Asia-Pacific Australia, through ACSC and Cyber Affairs and Critical Technology, strengthens Asia-Pacific cybersecurity via PaCSON, APCERT, and regional threat-sharing initiatives. BigBrother blog Cyble
8.11.25 South Africa Launches Pilot for Secure Data Exchange Among Government Agencies South Africa’s MzansiXchange initiative, led by the National Treasury, is pioneering secure data exchange across government. BigBrother blog Cyble
8.11.25 Crossed wires: a case study of Iranian espionage and attribution In June, Proofpoint Threat Research began investigating a benign email discussing economic uncertainty and domestic political unrest in Iran. While coinciding with the escalations in the Iran-Israel conflict, there was no indication that the observed activity was directly correlated with Israel’s attacks on Iranian nuclear facilities or Iran’s actions in response. BigBrother blog PROOFPOINT
1.11.25 Ukrainian organizations still heavily targeted by Russian attacks Attackers are gaining access using a custom, Sandworm-linked webshell and are making heavy use of Living-off-the-Land tactics to maintain persistent access. BigBrother blog SECURITY.COM

11.10.25 DPRK SANCTIONS VIOLATIONS IN CYBER OPERATIONS POST UN PANEL DEMISE EXECUTIVE SUMMARY Since the termination of the United Nations (UN) Panel of Experts in April 2024 due to Russia's veto, the landscape of Democratic People's Republic of Korea BigBrother blog Cyfirma
4.10.25 Rising Cyber Threats to Bahrain: Hacktivists and Data Breaches EXECUTIVE SUMMARY In this report, our researchers analyzed recent cyber activity targeting Bahrain, including politically motivated hacktivism, credential leaks, government email BigBrother blog Cyfirma
30.8.25 The Silent Data Leak Crisis in Australia’s Supply Chains Australia faces a surge in AI-driven cyberattacks and supply chain vulnerabilities, with one cyberattack per second and over 1,100 data breaches reported in 2024. BigBrother blog Cyble
30.8.25 FAQ: What Does the EU Cyber Resilience Act (CRA) Mean for Hardware and Firmware Supply Chain Security The European Union’s Cyber Resilience Act (CRA), Regulation (EU), 2024/2847, “aims to safeguard consumers and businesses” from risks introduced through the digital supply chain. To satisfy this regulation, countless organizations will have to change how they operate. BigBrother blog Eclypsium
23.8.25 EXECUTIVE THREAT LANDSCAPE REPORT : SAUDI ARABIA Why Do Cyber Threat Actors Target Saudi Arabia? Energy Superpower: As the world's largest oil exporter, any disruption to Saudi energy assets can ripple across global markets, BigBrother blog Cyfirma
23.8.25 The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign The Trellix Advanced Research Center uncovered a sophisticated espionage operation targeting diplomatic missions across several regions in South Korea during early 2025. BigBrother blog Trellix
17.8.25 Operation CargoTalon : UNG0901 Targets Russian Aerospace & Defense Sector using EAGLET implant. Contents Introduction Initial Findings Infection Chain. Technical Analysis Stage 0 – Malicious Email File. Stage 1 – Malicious LNK file. Stage 2 – Looking into the decoy file. Stage 3 – Malicious EAGLET implant. Hunting and Infrastructure. Infrastructural details.... BigBrother blog Seqrite
17.8.25 GREY ZONE WARFARE IN CHINA’S STALLED SOUTH CHINA SEA AMBITIONS INTRODUCTION – A DECADE OF AGGRESSION For the past several years, an emboldened China has intensified its aggression in the South China Sea, zeroing in on the BigBrother blog Cyfirma
17.8.25 New DoD Cyber Supply Chain Security Guidance from GAO and Secretary of Defense The first half of 2025 has seen a flood of new cybersecurity guidance for the U.S. Federal government, and particularly the Department of Defense. BigBrother blog Eclypsium
26.7.25 A Special Mission to Nowhere Following the Israel-Iran ceasefire, FortiGuard Labs uncovered a phishing campaign posing as a private jet evacuation service from Tel Aviv to New York. Learn how attackers used crisis-driven fear to steal personal and financial data. BigBrother blog FORTINET
19.7.25 MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities Cisco Talos uncovered a stealthy Malware-as-a-Service (MaaS) operation that used fake GitHub accounts to distribute a variety of dangerous payloads and evade security defenses. BigBrother blog CISCO TALOS
12.7.25 Pay2Key’s Resurgence: Iranian Cyber Warfare Targets the West In the volatile aftermath of the Israel-Iran-USA conflict, a sophisticated cyber threat has re-emerged, targeting organizations across the West. BigBrother blog MORPHISEC
5.7.25 NSB Alerts the Significant Cybersecurity Risks in China-Made Mobile Applications In recent years, the international community has shown growing concerns over cybersecurity issues deriving from China-developed mobile applications (apps). BigBrother blog nsb.gov.tw
28.6.25 Hacktivists Launch DDoS Attacks at U.S. Following Iran Bombings Hacktivist attacks surge on U.S. targets after Iran bombings, with groups claiming DDoS hits on military, defense, and financial sectors amid rising tensions. BigBrother blog Cyble
28.6.25 12 DAY WAR UPDATE TEHRAN'S WEAKENED POSITION Militarily, Iran is in its most vulnerable position in decades. The country's economy has been weakened by decades of extensive sanctions, economic BigBrother blog Cyfirma
14.6.25 Operation DRAGONCLONE: Chinese Telecommunication industry targeted via VELETRIX & VShell malware Contents Introduction Initial Findings Infection Chain. Technical Analysis Stage 0 – Malicious ZIP File. Stage 1 – Malicious VELETRIX implant. Stage 2 – Malicious V-Shell implant. Hunting and... BigBrother blog Seqrite
7.6.25 UKRAINE’S ATTACK ON RUSSIA’S STRATEGIC AIR FORCE – LIVE FEED FROM A REVOLUTION IN MILITARY AFFAIRS EXECUTIVE SUMMARY In a stunning move on June 1, 2025, Ukraine unleashed "Operation Spider's Web", a daring, long-range drone attack that reportedly crippled up to a third of BigBrother blog Cyfirma
7.6.25 Firewalls and Frontlines: The India-Pakistan Cyber Battlefield Crisis EXECUTIVE SUMMARY At CYFIRMA, we are committed to offering up-to-date insights into prevalent threats and tactics employed by malicious actors, targeting both organizations BigBrother blog Cyfirma
24.5.24 WHILE TRUMP DISRUPTS THE WORLD ORDER, CHINA PREPARES FOR WAR OVER TAIWAN With Donald Trump’s erratic style and his many isolationist tendencies, none of America’s allies can be 100% sure where they stand. Unlike Ukraine—which, despite America’s wavering BigBrother blog Cyfirma
10.5.24 EXPLAINER : THE ALGERIA / MOROCCO TENSIONS EXECUTIVE SUMMARY Since Algeria severed diplomatic ties with Morocco in 2021, tensions between the two neighbors have largely remained confined to the diplomatic arena. However, BigBrother blog Cyfirma
25.4.25 Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations In this blog entry, we discuss how North Korea's significant role in cybercrime – including campaigns attributed to Void Dokkaebi – is facilitated by extensive use of anonymization networks and the use of Russian IP ranges. BigBrother blog Trend Micro
12.4.25 Hacktivists Increasingly Target France for Its Diplomatic Efforts Pro-Russian and pro-Palestinian hacktivist groups share a common adversary in France, leading to coordinated cyberattacks against the country. BigBrother blog Cyble
12.4.25 One mighty fine-looking report Hazel highlights the key findings within Cisco Talos’ 2024 Year in Review (now available for download) and details our active tracking of an ongoing campaign targeting users in Ukraine with malicious LNK files. BigBrother blog Palo Alto
6.4.25 The beginning of the end: the story of Hunters International Learn about technical details on the ransomware and Storage Software tool, how the criminals use the affiliate panel as well as information on the Hunters International ransomware group from its emergence to the end of the operation. BigBrother blog Group-IB

22.3.25 UAT-5918 targets critical infrastructure entities in Taiwan UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim environments for information theft and credential harvesting. BigBrother blog Cisco Blog
1.3.25 Modern Approach to Attributing Hacktivist Groups Over the past few decades, hacktivism has been, in a lot of cases, characterized by minor website defacements and distributed denial-of-service (DDoS) attacks, which, while making headlines, had minimal lasting impact. BigBrother blog Checkpoint

22.2.25 Recent Jailbreaks Demonstrate Emerging Threat to DeepSeek Unit 42 researchers recently revealed two novel and effective jailbreaking techniques we call Deceptive Delight and Bad Likert Judge. BigBrother blog Palo Alto

22.2.25 CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia We identified a cluster of activity that we track as CL-STA-0048. This cluster targeted high-value targets in South Asia, including a telecommunications organization. BigBrother blog Palo Alto