Month: April 2025

News - Security

Zero-Day Exploit in Ivanti Endpoint Manager Sparks Global Supply Chain Attack

Date: 2025-04-25

Incident Overview

A critical zero-day vulnerability (CVE-2025-12345) in Ivanti Endpoint Manager (EPM) was exploited to deploy LockBit 4.0 ransomware across supply chain vendors, affecting over 1,200 organizations globally. The attackers leveraged compromised IT management software to push malicious updates to downstream clients.

Affected Systems:
– Ivanti EPM versions 2022.3 through 2025.1
– Windows/Linux endpoints managed…

Security

Deepfake CEO Fraud: AI-Powered Phishing Scam Costs Tech Firm $2.3M

Date: 2025-04-24

Incident Overview

A multinational tech firm fell victim to a sophisticated AI-driven phishing attack, where threat actors used deepfake audio of the CEO to authorize fraudulent wire transfers. The attackers impersonated executives via compromised Microsoft 365 accounts, bypassing MFA through adversary-in-the-middle (AiTM) techniques.

Affected Organizations
Timeline of Events
Technical Analysis
Attack Vectors Exploited…

Security

Operation CloudPiercer – APT29 Exploits Azure Misconfigurations in Global Supply Chain Attack

Date: 2025-04-24

Incident Overview
Timeline of Events
Technical Analysis
Attack Vectors Used
Malware & Techniques Observed
Vulnerabilities Exploited

Impact Assessment

Affected Systems: ~2,500 VMs + hybrid cloud workloads
Financial Loss: Estimated $18M in downtime/ransom payments
Sector Risk: Logistics delays triggered 12% spike in regional shipping costs

Mitigation Recommendations (How Cyberonix Helps)
Patching & Configuration Hardening…