Resecurity reports a sharp uptick in malicious cyber activity directed at the Philippines during Q1 2024, marking a 325% increase compared to the previous year. This trend continues into Q2 2024, with a proliferation of cyberattacks orchestrated by previously unidentified threat actors. These attacks, often driven by a blend of hacktivist motives and state-sponsored propaganda, underscore a complex landscape of cyber threats. One notable example is the China-linked group Mustang Panda, which Resecurity has observed orchestrating sophisticated information warfare campaigns. The use of hacktivist-related aliases by threat actors blurs the lines between cybercriminal activities and state-backed malicious cyber operations, facilitating attribution avoidance and fostering domestic social unrest online. Key threat groups operating in the underground scene include Philippine Exodus Security (PHEDS), Cyber Operation Alliance (COA), Robin Cyber Hood (RCH), and DeathNote Hackers (Philippines), alongside independent actors and mercenaries. Collaboration between these groups and entities such as Arab Anonymous and Sylnet Gang-SG has been noted. Resecurity interprets this surge in activity as a precursor to broader malicious cyber operations, including cyber espionage and targeted attacks on government agencies and critical infrastructure. Notable targets have included the Department of Interior and Local Government, Bureau of Plant Industry, Philippine National Police, and Bureau of Customs. These developments highlight the growing cybersecurity challenges faced by the Philippines amidst escalating regional tensions.
Tanto Security has issued a warning regarding three critical-severity vulnerabilities in the Judge0 open-source service, posing a significant risk of sandbox escapes and complete t...
London Drugs, a prominent Canadian pharmacy and retail chain, has temporarily closed all its stores in response to a cybersecurity incident that occurred over the weekend. Initiall...
The Government Accountability Office (GAO) has identified new deficiencies in the Internal Revenue Service's (IRS) security management, access, and configuration management con...