Russia operates in the grey zone against Ukraine. Unpatched VMware Horizon servers attacked. New firmware bootkit.
Cyberattacks hit Ukrainian government sites. Iranian cyberespionage activity: attribution and TTPs. REvil members arrested in Russia.
2022 begins with the continuing detection and mitigation of Log4j vulnerabilities. Ransomware exploitation of Log4j vulnerabilities. Another nation-state actor exploits Log4j issues. Internet lockdown in Kazakhstan. DPRK operators are phishing for Russian diplomats. Tehran-aligned hacktivists commemorate General Soleimani's death. Miscellaneous ransomware attacks. CISA and the FTC brandish, respectively, carrots and sticks.
High technical marks for commercial surveillance software.
Chinese cyberespionage for the Belt and Road Initiative. NSO Group's software used to target US personnel. Microsoft seizes Chinese threat actor's domains.