Tag: apt
-
North Korea’s ‘Citrine Sleet’ APT Exploits Zero-Day Chromium Bug
in SecurityNews
Microsoft warned that the DPRK’s latest innovative tack chains together previously unknown browser issues, then adds a rootkit to the mix to gain deep… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/north-korean-apt-exploits-novel-chromium-windows-bugs-steal-crypto
-
Chinese APT Exploits Versa Networks Zero-Day Flaw
in SecurityNews
The vulnerability impacts versions of Versa Director prior to 22.1.4, and Versa Networks recommends that impacted users update to the fixed version as… First seen on duo.com Jump to article: duo.com/decipher/chinese-apt-exploits-versa-networks-zero-day-flaw
-
TIDRONE APT targets drone manufacturers in Taiwan
in SecurityNews
A previously undocumented threat actor tracked as TIDRONE targets organizations in military and satellite industries in Taiwan. Trend Micro spotted an al… First seen on securityaffairs.com Jump to article: securityaffairs.com/168210/apt/tidrone-targets-organizations-taiwan.html
-
Commercial Spyware Vendors Have a Copycat in Top Russian APT
in SecurityNews
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/commercial-spyware-vendors-copycat-russian-apt
-
Tropic Trooper Attacks Government Organizations to Steal Sensitive Data
in SecurityNews
Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group, and it has been active since 2011. This APT group pr… First seen on gbhackers.com Jump to article: gbhackers.com/tropic-trooper-attack-steal-sensitive-data/
-
Chinese cyber attack sparks alert over six-year-old MS vuln
in SecurityNews
After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exp… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366599914/Chinese-cyber-attack-sparks-alert-over-six-year-old-MS-vuln
-
South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel
in SecurityNews
The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execu… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/south-korean-apt-exploits-1-click-wps-office-bug-nabs-chinese-intel
-
Gamaredon APT Launches Spear-Phishing Campaign Targeting Ukrainian Military
in SecurityNews
A sophisticated spear-phishing campaign orchestrated by the Gamaredon APT group has emerged as a threat to Ukrainian military personnel. Cyble Researc… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/gamaredon-campaign/
-
Researchers Unpacked AvNeutralizer EDR Killer Used By FIN7 Group
in SecurityNews
FIN7 (aka Carbon Spider, ELBRUS, Sangria Tempest) is a Russian APT group that is primarily known for targeting the U.S. retail, restaurant, and hospit… First seen on gbhackers.com Jump to article: gbhackers.com/avneutralizer-edr-killer-unpacked/
-
APT60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
in CISO
A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WP… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html
-
Chinese APT sets sights on Middle East government orgs
in SecurityNews
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/chinese-apt-sets-sights-on-middle-east-government-orgs
-
Researcher Identifies ToddyCat-Inspired APT Attack Leveraging ICMP Backdoor and Microsoft Exchange Flaws
in SecurityNews
Cybersecurity researchers at Kaspersky’s Global Emergency Response Team (GERT) have uncovered a sophisticated attack involving an ICMP backdoor, beari… First seen on securityonline.info Jump to article: securityonline.info/researcher-identifies-toddycat-inspired-apt-attack-leveraging-icmp-backdoor-and-microsoft-exchange-flaws/
-
ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor
in SecurityNews
ToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military entities in Europe and Asia. T… First seen on gbhackers.com Jump to article: gbhackers.com/toddycat-apt-exploits/
-
CVE-2024-7971: North Korean APT Citrine Sleet Exploits Chromium Zero-Day
in SecurityNews
In a recent cybersecurity report, Microsoft Threat Intelligence has revealed that a North Korean threat actor, believed to be Citrine Sleet, has been … First seen on securityonline.info Jump to article: securityonline.info/cve-2024-7971-north-korean-apt-citrine-sleet-exploits-chromium-zero-day/
-
Czech Officials Targeted in Sophisticated Malware Campaign Disguised as NATO Documents
in SecurityNews
Seqrite Labs APT-Team has uncovered a sophisticated malware campaign, dubbed "Operation Oxidový," …
-
North Korean APT Exploits Novel Chromium, Windows Bugs to Steal Crypto
in SecurityNews
First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/north-korean-apt-exploits-novel-chromium-windows-bugs-steal-crypto
-
Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE
in SecurityNews
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewa… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/01/week-in-review-sonicwall-critical-firewalls-flaw-fixed-apt-exploits-wps-office-for-windows-rce/
-
Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day
in SecurityNews
Redmond’s threat intel team said exploitation of CVE-2024-7971 can be attributed to a North Korean APT targeting the cryptocurrency sector for financi… First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-says-north-korean-cryptocurrency-thieves-behind-chrome-zero-day/
-
Operation DevilTiger: APT12’s Shadowy Tactics and Zero-Day Exploits Unveiled
in SecurityNews
The QiAnXin Threat Intelligence Center has disclosed the technical details of a sophisticated cyber espionage campaign dubbed "Operation DevilTiger," …
-
North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit
in SecurityNews
North Korea-linked APT exploited the recently patched Google Chrome zero-day CVE-2024-7971 to deploy the FudModule rootkit. North Korea-linked group C… First seen on securityaffairs.com Jump to article: securityaffairs.com/167848/breaking-news/north-korea-linked-apt-exploited-chrome-zero-day-cve-2024-7971.html
-
South Korea-linked group APT-C-60 exploited a WPS Office zero-day
South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group A… First seen on securityaffairs.com Jump to article: securityaffairs.com/167825/hacking/apt-c-60-wps-office-zero-day.html
-
Operation DevilTiger, APT Hackers 0-Day Exploitation Tactics Exposed
in SecurityNews
The APT-Q-12 group, also known as Pseudo Hunter, is a Northeast Asian threat actor linked to Darkhotel, which primarily targets East Asian countries, … First seen on gbhackers.com Jump to article: gbhackers.com/deviltiger-apt-zero-day/
-
Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa
Google TAG publishes evidence showing identical or striking similarities between exploits used by Russia’s APT29 and commercial spyware vendors. The p… First seen on securityweek.com Jump to article: www.securityweek.com/google-catches-russian-apt-re-using-exploits-from-spyware-merchants-nso-group-intellexa/
-
South Korean hackers exploited WPS Office zero-day to deploy malware
in SecurityNews
The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apt-c-60-hackers-exploited-wps-office-zero-day-to-deploy-spyglace-malware/
-
APT Group Muddy Water Attacks MSPs
in SecurityNews
… insight into the opaque world of cyber espionage and other growing threats that providers of managed services – and their customers… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2023/05/02/apt-gruppe-muddy-water-attackiert-msps/
-
ESET Uncovers Zero-Day Vulnerabilities in WPS Office, Exploited by APT-C-60
in SecurityNews
ESET researchers have identified two severe vulnerabilities in WPS Office for Windows, widely exploited by the APT-C-60 cyberespionage group, which is… First seen on securityonline.info Jump to article: securityonline.info/eset-uncovers-zero-day-vulnerabilities-in-wps-office-exploited-by-apt-c-60/
-
APT Group Evasive Panda Distributes Malware as Updates for Popular Chinese Software
…arch uncovers a campaign by the APT group known as Evasive Panda that attacks an international NGO in China with malware. The malware is delivered via up… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2023/04/26/apt-gruppe-evasive-panda-verteilt-malware-als-updates-beliebter-chinesischer-software/
-
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
in SecurityNews
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespi… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/28/cve-2024-7262-cve-2024-7263/
-
US Sees Iranian Hackers Working Closely With Ransomware Groups
in SecurityNews
Iranian state-sponsored APT Lemon Sandstorm is working closely with ransomware groups on monetizing network intrusions. The post US Sees Iranian Hacke… First seen on securityweek.com Jump to article: www.securityweek.com/us-sees-iranian-hackers-working-closely-with-ransomware-groups/
-
China-linked APT Volt Typhoon exploited a zero-day in Versa Director
China-linked APT group Volt Typhoon exploited a zero-day flaw in Versa Director to upload a custom webshell in target networks. China-linked APT Volt … First seen on securityaffairs.com Jump to article: securityaffairs.com/167658/apt/volt-typhoon-versa-director-zero-day.html