Tag: apt
-
VPNs and Clouds: New Tools in the APT Arsenal, ESET Warns
ESET’s latest APT Activity Report for April through September 2024 offers new insights into the evolving tactics, targets, and geographical reach of state-aligned Advanced Persistent Threat (APT) groups. The report... First seen on securityonline.info Jump to article: securityonline.info/vpns-and-clouds-new-tools-in-the-apt-arsenal-eset-warns/
-
New Keylogger Targeting U.S. Organizations Linked to North Korean APT Group Andariel
A recent analysis from Hybrid Analysis, led by security researcher Vlad Pasca, reveals a newly identified keylogger malware attributed to the North Ko… First seen on securityonline.info Jump to article: securityonline.info/new-keylogger-targeting-u-s-organizations-linked-to-north-korean-apt-group-andariel/
-
Chinese APTs Cash In on Years of Edge Device Attacks
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinese-apts-edge-device-attacks
-
Sri Lanka: New Target for T04 APT Group
In a recent report by cybersecurity expert Nimantha Deshappriya, details have emerged about a sustained cyber-espionage campaign orchestrated by the a… First seen on securityonline.info Jump to article: securityonline.info/sri-lanka-new-target-for-t-apt-04-apt-group/
-
BlueNoroff’s New MacOS Threat: “Hidden Risk” Targets Crypto Enthusiasts
In a disturbing revelation from SentinelLabs, North Korean-affiliated threat actors, suspected to be linked to the notorious BlueNoroff APT, are actively targeting cryptocurrency businesses and macOS users. Dubbed the ‘Hidden... First seen on securityonline.info Jump to article: securityonline.info/bluenoroffs-new-macos-threat-hidden-risk-targets-crypto-enthusiasts/
-
U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers
US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The US government’s Consumer Financial Protection Bureau (CFPB) advises employees to avoid using cellphones for work after China-linked APT group Salt Typhoon hackers breached major telecom providers. The Consumer Financial Protection Bureau (CFPB) is a U.S.…
-
ESET APT Activity Report Q2 2024-Q3 2024
Tags: apt
ESET provides an overview of the activities of selected APT groups in the period Q2 2024-Q3 2024. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/eset-apt-activity-report-q2-2024-q3-2024/
-
China-Backed MirrorFace Trains Sights on EU Diplomatic Corps
Chinese APT groups increasingly lean on open source platform SoftEther VPN for network access. Now they’re lending their know-how to Iranian counterparts. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-backed-mirrorface-trains-sights-on-eu-diplomatic-corps
-
China Says Seabed Sentinels Are Spying, After Trump Taps
On the heels of a Chinese APT eavesdropping on phone calls made by Trump and Harris campaign staffers, Beijing says foreign nations have mounted an ex… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-seabed-sentinels-spying-trump-taps
-
China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait
The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the first time the hacking crew has targeted an organization in the region. “During this attack, the threat actor used as a lure the upcoming World Expo, which will be held in 2025 in Osaka, Japan,” ESET…
-
China’s ‘Evasive Panda’ APT Debuts High-End Cloud Hijacking
A professional-grade tool set, appropriately dubbed CloudScout, is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitiv… First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/china-evasive-panda-apt-cloud-hijacking
-
Microsoft credentials pilfered by APT Storm via botnet spraypray router attack
First seen on scworld.com Jump to article: www.scworld.com/news/storm-0940-steals-credentials-of-microsoft-customers-by-leveraging-quad7-botnet
-
Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files
Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scal… First seen on securityaffairs.com Jump to article: securityaffairs.com/170398/apt/midnight-blizzard-apt-targeted-100-organizations.html
-
NSFOCUS Showcases Two Groundbreaking Topics at SAS 2024
NSFOCUS Showcases Two Groundbreaking Topics at SAS 2024: An In-Depth Analysis of the DarkCasino APT Group and the Evolution of New Botnets. SANTA CLAR… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/nsfocus-showcases-two-groundbreaking-topics-at-sas-2024/
-
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack
An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and str… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/sidewinder-apt-strikes-middle-east-and.html
-
IcePeony A New China-Nexus APT Group Targeting Asian Nations
A previously unknown China-nexus advanced persistent threat (APT) group, identified as >>IcePeony,
-
North Korean APT Exploited IE Zero Day In Supply Chain Attack
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36494/North-Korean-APT-Exploited-IE-Zero-Day-In-Supply-Chain-Attack.html
-
North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft
The Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency. The post North Korean Hacker… First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-exploited-chrome-zero-day-for-cryptocurrency-theft/
-
IcePeony Hackers Exploiting Public Web Servers To Inject Webshells
IcePeony, a China-nexus APT group, has been active since 2023, targeting India, Mauritius, and Vietnam by exploiting SQL injection vulnerabilities to … First seen on gbhackers.com Jump to article: gbhackers.com/icepeony-hackers-webshells/
-
SideWinder APT: A Decade of Evolution and Global Expansion
The SideWinder Advanced Persistent Threat (APT) group, also known as T-APT-04 or RattleSnake, has been a relentless actor in the global cyber espionag… First seen on securityonline.info Jump to article: securityonline.info/sidewinder-apt-a-decade-of-evolution-and-global-expansion/
-
North Korean APT Exploited IE Zero-Day in Supply Chain Attack
A Pyongyang-aligned APT was caught exploiting a recent zero-day in Internet Explorer in a supply chain attack. The post North Korean APT Exploited IE … First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-apt-exploited-ie-zero-day-in-supply-chain-attack/
-
Sidewinder APT Deploying Expanded Attacks
First seen on scworld.com Jump to article: www.scworld.com/brief/sidewinder-apt-deploying-expanded-attacks
-
Expanded attacks deployed by SideWinder APT
First seen on scworld.com Jump to article: www.scworld.com/brief/expanded-attacks-deployed-by-sidewinder-apt
-
High-severity Windows vulnerability leveraged in new OilRig APT attacks
First seen on scworld.com Jump to article: www.scworld.com/brief/high-severity-windows-vulnerability-leveraged-in-new-oilrig-apt-attacks
-
Iranian Cyberspies Exploiting Recent Windows Kernel Vulnerability
The Iran-linked APT OilRig has intensified cyber operations against the United Arab Emirates and the broader Gulf region. The post Iranian Cyberspies … First seen on securityweek.com Jump to article: www.securityweek.com/iranian-cyberspies-exploiting-recent-windows-kernel-vulnerability/
-
Salt Typhoon APT Subverts Law Enforcement Wiretapping: Report
The Chinese state-sponsored cyberattack threat managed to infiltrate the lawful intercept network connections that police use in criminal investigatio… First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/salt-typhoon-apt-subverts-law-enforcement-wiretapping
-
New Campaign by Awaken Likho APT Group: Changes in Software and Techniques
Kaspersky researchers have discovered a new campaign by the Awaken Likho APT group, also known as Core Werewolf, which has been active since at least … First seen on securityonline.info Jump to article: securityonline.info/new-campaign-by-awaken-likho-apt-group-changes-in-software-and-techniques/
-
North Korean APT Group Kimsuky Exploits DMARC Misconfigurations for Sophisticated Phishing Attacks
Email security has long been a critical pillar in defending organizations against cyberattacks, but recent reports reveal that even widely trusted pro… First seen on securityonline.info Jump to article: securityonline.info/north-korean-apt-group-kimsuky-exploits-dmarc-misconfigurations-for-sophisticated-phishing-attacks/
-
Awaken Likho APT group targets Russian government with a new implant
A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. A rece… First seen on securityaffairs.com Jump to article: securityaffairs.com/169563/apt/awaken-likho-apt-group-target-russia.html
-
Awaken Likho APT leverages new tools in recent attacks against Russia
First seen on scworld.com Jump to article: www.scworld.com/brief/awaken-likho-apt-leverages-new-tools-in-recent-attacks-against-russia