Tag: apt
-
Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
The China-aligned advanced persistent threat (APT) actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of cyber attacks likely targeting East and Southeast Asia. That’s according to findings from cybersecurity firm ESET based on multiple Linux samples uploaded to the VirusTotal platform from Taiwan, the Philippines, and Singapore in…
-
Linux Malware WolfsBane and FireWood Linked to Gelsemium APT
New Linux malware WolfsBane and FireWood have been linked to Gelsemium APT, a cyber-espionage group targeting critical systems. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/linux-malware-wolfsbane-firewood/
-
China’s ‘Liminal Panda’ APT Attacks Telcos, Steals Phone Data
In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/china-liminal-panda-telcos-phone-data
-
Chinese APT Group Targets Telecom Firms Linked to Belt and Road Initiative
CrowdStrike unveiled a new Chinese-aligned hacking group allegedly spying on telecom providers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-apt-targets-telecoms-bri/
-
DONOT APT Group Targets Pakistan’s Maritime and Defense Sectors in New Campaign
A recent report from Cyble Research and Intelligence Labs (CRIL) has exposed a new campaign orchestrated by the Advanced Persistent Threat (APT) group DONOT, also known as APT-C-35. This campaign... First seen on securityonline.info Jump to article: securityonline.info/donot-apt-group-targets-pakistans-maritime-and-defense-sectors-in-new-campaign/
-
18th November Threat Intelligence Report
The FBI and CISA issued a joint statement detailing a major Chinese cyber-espionage campaign targeting U.S. telecommunications infrastructure, led by the APT group Salt Typhoon. This operation compromised networks to steal call […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/18th-november-threat-intelligence-report/
-
Zero-Day Vulnerability in FortiClient Exploited by BrazenBamboo APT
Cybersecurity firm Volexity has uncovered a zero-day vulnerability in Fortinet’s Windows VPN client, FortiClient, being exploited by the BrazenBamboo Advanced Persistent Threat (APT) group. This vulnerability, detailed in Volexity’s latest... First seen on securityonline.info Jump to article: securityonline.info/zero-day-vulnerability-in-forticlient-exploited-by-brazenbamboo-apt/
-
LightSpy Spyware Operation Expands to Windows
The Chinese APT behind the LightSpy iOS backdoor has expanded its toolset with DeepData, a modular Windows-based surveillance framework. First seen on securityweek.com Jump to article: www.securityweek.com/lightspy-ios-spyware-operation-expands-to-windows/
-
BSI’s 2024 Cybersecurity Report: How Germany Is Battling Ransomware, APTs, and Election Security Challenges
Germany’s Federal Office for Information Security (BSI) recently published the First seen on thecyberexpress.com Jump to article: thecyberexpress.com/germany-state-of-cybersecurity-2024-report/
-
Volt Typhoon APT Group Resurfaces: A Persistent Threat to Critical Infrastructure
SecurityScorecard’s STRIKE Team uncovers the resurgence of Volt Typhoon, a state-sponsored advanced persistent threat (APT) actor leveraging compromised legacy devices to target critical infrastructure. A new report from SecurityScorecard’s STRIKE... First seen on securityonline.info Jump to article: securityonline.info/volt-typhoon-apt-group-resurfaces-a-persistent-threat-to-critical-infrastructure/
-
Hamas Hackers Spy on Mideast Gov’ts, Disrupt Israel
APT Wirte is doing double duty, adding all manner of supplemental malware to gain access, eavesdrop, and wipe data, depending on the target. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hamas-hackers-spy-mideast-govts-disrupt-israel
-
APT Actors Embed Malware in macOS Flutter Applications
Flutter is an app development kit from Google for uniform, cross-platform applications. Apps built with Flutter have an app layout that largely obscures the code. In addition, the complexity of the Flutter architecture complicates the analysis and detection of malware… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/apt-akteure-betten-malware-in-macos-flutter-anwendungen-ein/a38950/
-
RustyAttr Trojan: Lazarus Group’s New macOS Malware Evades Antivirus with Ease
Researchers at Group-IB have discovered a new stealth technique employed by the North Korean APT group Lazarus, targeting macOS systems through a unique code-smuggling method. Known for its sophisticated cyber-espionage... First seen on securityonline.info Jump to article: securityonline.info/rustyattr-trojan-lazarus-groups-new-macos-malware-evades-antivirus-with-ease/
-
China’s Volt Typhoon botnet has re-emerged
China’s Volt Typhoon botnet has re-emerged, using the same core infrastructure and techniques, according to SecurityScorecard researchers. The China-linked Volt Typhoon’s botnet has resurfaced using the same infrastructure and techniques, per SecurityScorecard researchers. In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. and Guam without being detected. The group…
-
Lazarus Group Uses Extended Attributes for Code Smuggling in macOS
Lazarus APT has been found smuggling malware onto macOS devices using custom extended attributes, evading detection. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lazarus-extended-attributes-macos/
-
Iranian APT Group Targets IP Cameras, Extends Attacks Beyond Israel
The Iran-linked group Emennet Pasargad aims to undermine public confidence in Israeli and Western nations by using hack-and-leak campaigns and disrupt… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/iranian-group-targets-ip-cameras-extends-attacks-beyond-israel
-
VPNs and Clouds: New Tools in the APT Arsenal, ESET Warns
ESET’s latest APT Activity Report for April through September 2024 offers new insights into the evolving tactics, targets, and geographical reach of state-aligned Advanced Persistent Threat (APT) groups. The report... First seen on securityonline.info Jump to article: securityonline.info/vpns-and-clouds-new-tools-in-the-apt-arsenal-eset-warns/
-
New Keylogger Targeting U.S. Organizations Linked to North Korean APT Group Andariel
A recent analysis from Hybrid Analysis, led by security researcher Vlad Pasca, reveals a newly identified keylogger malware attributed to the North Ko… First seen on securityonline.info Jump to article: securityonline.info/new-keylogger-targeting-u-s-organizations-linked-to-north-korean-apt-group-andariel/
-
Chinese APTs Cash In on Years of Edge Device Attacks
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinese-apts-edge-device-attacks
-
Sri Lanka: New Target for T04 APT Group
In a recent report by cybersecurity expert Nimantha Deshappriya, details have emerged about a sustained cyber-espionage campaign orchestrated by the a… First seen on securityonline.info Jump to article: securityonline.info/sri-lanka-new-target-for-t-apt-04-apt-group/
-
BlueNoroff’s New MacOS Threat: “Hidden Risk” Targets Crypto Enthusiasts
In a disturbing revelation from SentinelLabs, North Korean-affiliated threat actors, suspected to be linked to the notorious BlueNoroff APT, are actively targeting cryptocurrency businesses and macOS users. Dubbed the ‘Hidden... First seen on securityonline.info Jump to article: securityonline.info/bluenoroffs-new-macos-threat-hidden-risk-targets-crypto-enthusiasts/
-
U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers
US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The US government’s Consumer Financial Protection Bureau (CFPB) advises employees to avoid using cellphones for work after China-linked APT group Salt Typhoon hackers breached major telecom providers. The Consumer Financial Protection Bureau (CFPB) is a U.S.…
-
ESET APT Activity Report Q2 2024-Q3 2024
ESET provides an overview of the activities of selected APT groups in the period Q2 2024-Q3 2024. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/eset-apt-activity-report-q2-2024-q3-2024/
-
China-Backed MirrorFace Trains Sights on EU Diplomatic Corps
Chinese APT groups increasingly lean on open source platform SoftEther VPN for network access. Now they’re lending their know-how to Iranian counterparts. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-backed-mirrorface-trains-sights-on-eu-diplomatic-corps
-
China Says Seabed Sentinels Are Spying, After Trump Taps
On the heels of a Chinese APT eavesdropping on phone calls made by Trump and Harris campaign staffers, Beijing says foreign nations have mounted an ex… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-seabed-sentinels-spying-trump-taps
-
China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait
The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the first time the hacking crew has targeted an organization in the region. “During this attack, the threat actor used as a lure the upcoming World Expo, which will be held in 2025 in Osaka, Japan,” ESET…
-
China’s ‘Evasive Panda’ APT Debuts High-End Cloud Hijacking
A professional-grade tool set, appropriately dubbed CloudScout, is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitiv… First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/china-evasive-panda-apt-cloud-hijacking
-
Microsoft credentials pilfered by APT Storm via botnet spraypray router attack
First seen on scworld.com Jump to article: www.scworld.com/news/storm-0940-steals-credentials-of-microsoft-customers-by-leveraging-quad7-botnet
-
Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files
Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scal… First seen on securityaffairs.com Jump to article: securityaffairs.com/170398/apt/midnight-blizzard-apt-targeted-100-organizations.html