professional services
Coverage of professional services in the Nexus archive.
- Stealthy Mistic backdoor linked to ransomware access broker KongTuke
A new backdoor called Mistic has been detected in financially motivated cyberattacks targeting organizations in insurance, education, IT, and professional services sectors. The backdoor is linked to a ransomware access broker named KongTuke.
- UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers revealed a data theft extortion campaign targeting U.S. organizations in professional, legal, and financial services between January and May 2026. The campaign, attributed to UNC3753, involved vishing and physical intrusions, with Google Mandiant and Google Threat Intelligence Group identifying the threat actor.
- MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
The Iranian hacking group MuddyWater has been linked to a cyber espionage campaign targeting nine organizations across nine countries in Q1 2026. The campaign used DLL side-loading to compromise industrial, electronics manufacturing, education, public-sector, financial services, and professional services sectors, according to the Threat Hunter Team from Symantec and Carbon Black.