Tag: apt
-
Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files
Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scal… First seen on securityaffairs.com Jump to article: securityaffairs.com/170398/apt/midnight-blizzard-apt-targeted-100-organizations.html
-
NSFOCUS Showcases Two Groundbreaking Topics at SAS 2024
NSFOCUS Showcases Two Groundbreaking Topics at SAS 2024: An In-Depth Analysis of the DarkCasino APT Group and the Evolution of New Botnets. SANTA CLAR… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/nsfocus-showcases-two-groundbreaking-topics-at-sas-2024/
-
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack
An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and str… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/sidewinder-apt-strikes-middle-east-and.html
-
IcePeony A New China-Nexus APT Group Targeting Asian Nations
A previously unknown China-nexus advanced persistent threat (APT) group, identified as "IcePeony,"
-
North Korean APT Exploited IE Zero Day In Supply Chain Attack
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36494/North-Korean-APT-Exploited-IE-Zero-Day-In-Supply-Chain-Attack.html
-
North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft
The Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency. The post North Korean Hacker… First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-exploited-chrome-zero-day-for-cryptocurrency-theft/
-
IcePeony Hackers Exploiting Public Web Servers To Inject Webshells
IcePeony, a China-nexus APT group, has been active since 2023, targeting India, Mauritius, and Vietnam by exploiting SQL injection vulnerabilities to … First seen on gbhackers.com Jump to article: gbhackers.com/icepeony-hackers-webshells/
-
SideWinder APT: A Decade of Evolution and Global Expansion
The SideWinder Advanced Persistent Threat (APT) group, also known as T-APT-04 or RattleSnake, has been a relentless actor in the global cyber espionag… First seen on securityonline.info Jump to article: securityonline.info/sidewinder-apt-a-decade-of-evolution-and-global-expansion/
-
North Korean APT Exploited IE Zero-Day in Supply Chain Attack
A Pyongyang-aligned APT was caught exploiting a recent zero-day in Internet Explorer in a supply chain attack. The post North Korean APT Exploited IE … First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-apt-exploited-ie-zero-day-in-supply-chain-attack/
-
Sidewinder APT Deploying Expanded Attacks
First seen on scworld.com Jump to article: www.scworld.com/brief/sidewinder-apt-deploying-expanded-attacks
-
Expanded attacks deployed by SideWinder APT
First seen on scworld.com Jump to article: www.scworld.com/brief/expanded-attacks-deployed-by-sidewinder-apt
-
High-severity Windows vulnerability leveraged in new OilRig APT attacks
First seen on scworld.com Jump to article: www.scworld.com/brief/high-severity-windows-vulnerability-leveraged-in-new-oilrig-apt-attacks
-
Iranian Cyberspies Exploiting Recent Windows Kernel Vulnerability
The Iran-linked APT OilRig has intensified cyber operations against the United Arab Emirates and the broader Gulf region. The post Iranian Cyberspies … First seen on securityweek.com Jump to article: www.securityweek.com/iranian-cyberspies-exploiting-recent-windows-kernel-vulnerability/
-
Salt Typhoon APT Subverts Law Enforcement Wiretapping: Report
The Chinese state-sponsored cyberattack threat managed to infiltrate the lawful intercept network connections that police use in criminal investigatio… First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/salt-typhoon-apt-subverts-law-enforcement-wiretapping
-
New Campaign by Awaken Likho APT Group: Changes in Software and Techniques
Kaspersky researchers have discovered a new campaign by the Awaken Likho APT group, also known as Core Werewolf, which has been active since at least … First seen on securityonline.info Jump to article: securityonline.info/new-campaign-by-awaken-likho-apt-group-changes-in-software-and-techniques/
-
North Korean APT Group Kimsuky Exploits DMARC Misconfigurations for Sophisticated Phishing Attacks
Email security has long been a critical pillar in defending organizations against cyberattacks, but recent reports reveal that even widely trusted pro… First seen on securityonline.info Jump to article: securityonline.info/north-korean-apt-group-kimsuky-exploits-dmarc-misconfigurations-for-sophisticated-phishing-attacks/
-
Awaken Likho APT group targets Russian government with a new implant
A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. A rece… First seen on securityaffairs.com Jump to article: securityaffairs.com/169563/apt/awaken-likho-apt-group-target-russia.html
-
Awaken Likho APT leverages new tools in recent attacks against Russia
First seen on scworld.com Jump to article: www.scworld.com/brief/awaken-likho-apt-leverages-new-tools-in-recent-attacks-against-russia
-
GoldenJackal APT group breaches air-gapped systems in Europe
ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/09/goldenjackal-air-gapped-systems-compromise/
-
China-Backed APT Group Culling Thai Government Data
CeranaKeeper is bombarding Southeast Asia with data exfiltration attacks via file-sharing services such as Pastebin, OneDrive, and GitHub, researchers… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/new-china-backed-apt-group-culling-thai-government-data
-
North Korea’s ‘Stonefly’ APT Swarms US Private Co’s. for Profit
Despite a $10 million bounty on one member, APT45 is not slowing down, pivoting from intelligence gathering to extorting funds for Kim Jong-Un’s regim… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/stonefly-apt-us-private-cos-north-korean-profit
-
Python-Based Malware Slithers Into Systems via Legit VS Code
The prolific Chinese APT Mustang Panda is the likely culprit behind a sophisticated cyber-espionage attack that sets up persistent remote access to vi… First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/python-malware-slithers-legit-vs-code
-
Likho Hackers Using MeshCentral For Remotely Managing Victim Systems
The Awaken Likho APT group launched a new campaign in June of 2024 with the intention of targeting Russian government agencies and businesses by targe… First seen on gbhackers.com Jump to article: gbhackers.com/likho-apt-meshcentral-shift/
-
European govt air-gapped systems breached using custom malware
An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensit… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/european-govt-air-gapped-systems-breached-using-custom-malware/
-
China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems
China-linked APT group Salt Typhoon breached U.S. broadband providers, potentially accessing systems for lawful wiretapping and other data. China-link… First seen on securityaffairs.com Jump to article: securityaffairs.com/169460/apt/salt-typhoon-hacked-us-broadband-providers.html
-
New APT group CeranaKeeper abuses Dropbox and GitHub
First seen on heise.de Jump to article: www.heise.de/news/Neue-APT-Gruppe-CeranaKeeper-missbraucht-Dropbox-und-Github-9961562.html
-
Private US companies targeted by Stonefly APT
Undeterred by the indictment issued against one of its alleged members, North Korean APT group Stonefly (aka APT45) continues to target companies in t… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/03/private-us-companies-targeted-by-stonefly-apt/
-
Transparent Tribe APT Group’s New Arsenal: Mythic Poseidon, Linux, and C2 Takedown
A recent report by CYFIRMA sheds light on the infrastructure supporting the activities of the Advanced Persistent Threat (APT) group known as Transpar… First seen on securityonline.info Jump to article: securityonline.info/transparent-tribe-apt-groups-new-arsenal-mythic-poseidon-linux-and-c2-takedown/
-
Advanced Cyberattacks: Patchwork APT’s Nexe Backdoor Campaign Exposed
In a new report from Cyble Research and Intelligence Labs (CRIL), the notorious Patchwork APT group has once again demonstrated its cyber-espionage pr… First seen on securityonline.info Jump to article: securityonline.info/advanced-cyberattacks-patchwork-apts-nexe-backdoor-campaign-exposed/
-
Iranian APT Facilitating Remote Access To Target Networks
As per recent reports, an Iranian Advanced Persistent Threat (APT) hacker is now playing a facilitator role in aiding remote access to target networks… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/iranian-apt-facilitating-remote-access-to-target-networks/