Tag: apt
-
Notorious Iranian Hackers Have Been Targeting the Space Industry With a New Backdoor
In addition to its longstanding password spraying attacks, Microsoft says Iran-backed hacker group Peach Sandstorm, or APT 33, has developed custom ma… First seen on wired.com Jump to article: www.wired.com/story/iran-peach-sandworm-tickler-backdoor/
-
Chinese Tag Team APTs Keep Stealing Asian Gov’t Secrets
in SecurityNews
A PRC threat cluster known as Crimson Palace is demonstrating the benefits of having specialized units carry out distinct stages of a wider attack cha… First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinese-tag-team-apts-keep-stealing-asian-govt-secrets
-
Chinese APT Groups Continue to Leverage Open-Source and Custom Reconnaissance Tools in Cyber Espionage Campaigns
in SecurityNews
The Natto Thoughts team recently uncovered key insights into the reconnaissance techniques used by Chinese state-sponsored threat actors. A deep dive … First seen on securityonline.info Jump to article: securityonline.info/chinese-apt-groups-continue-to-leverage-open-source-and-custom-reconnaissance-tools-in-cyber-espionage-campaigns/
-
Novel payloads deployed in new OilRig APT campaign against Iraq
in SecurityNews
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/novel-payloads-deployed-in-new-oilrig-apt-campaign-against-iraq
-
Chinese APT Stately Taurus Exploits Visual Studio Code in Cyberespionage Attacks
in SecurityNews
In a recent report, cybersecurity researchers at Unit 42 have uncovered a novel and concerning tactic employed by the Chinese advanced persistent thre… First seen on securityonline.info Jump to article: securityonline.info/chinese-apt-stately-taurus-exploits-visual-studio-code-in-cyberespionage-attacks/
-
Chinese ‘Tropic Trooper’ APT Targets Mideast Governments
in SecurityNews
In the past, the group has targeted different sectors in East and Southeast Asia, but recently has pivoted its focus to the Middle East, specifically … First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-tropic-trooper-apt-targets-mideast-governments
-
BlindEagle APT Targets Colombian Insurance with BlotchyQuasar RAT
in SecurityNews
Cybersecurity researchers at Zscaler ThreatLabz have uncovered a new wave of attacks by the BlindEagle APT group, this time zeroing in on the Colombia… First seen on securityonline.info Jump to article: securityonline.info/blindeagle-apt-targets-colombian-insurance-with-blotchyquasar-rat/
-
Taiwanese drone makers subjected to TIDRONE APT intrusions
in SecurityNews
Tags: apt
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/taiwanese-drone-makers-subjected-to-tidrone-apt-intrusions
-
North Korea’s ‘Citrine Sleet’ APT Exploits Zero-Day Chromium Bug
in SecurityNews
Microsoft warned that the DPRK’s latest innovative tack chains together previously unknown browser issues, then adds a rootkit to the mix to gain deep… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/north-korean-apt-exploits-novel-chromium-windows-bugs-steal-crypto
-
Chinese APT Exploits Versa Networks Zero-Day Flaw
in SecurityNews
The vulnerability impacts versions of Versa Director prior to 22.1.4, and Versa Networks recommends that impacted users update to the fixed version as… First seen on duo.com Jump to article: duo.com/decipher/chinese-apt-exploits-versa-networks-zero-day-flaw
-
TIDRONE APT targets drone manufacturers in Taiwan
in SecurityNews
A previously undocumented threat actor tracked TIDRONE targets organizations in military and satellite industries in Taiwan. Trend Micro spotted an al… First seen on securityaffairs.com Jump to article: securityaffairs.com/168210/apt/tidrone-targets-organizations-taiwan.html
-
Commercial Spyware Vendors Have a Copycat in Top Russian APT
in SecurityNews
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/commercial-spyware-vendors-copycat-russian-apt
-
Tropic Trooper Attacks Government Organizations to Steal Sensitive Data
in SecurityNews
Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group, and it has been active since 2011. This APT group pr… First seen on gbhackers.com Jump to article: gbhackers.com/tropic-trooper-attack-steal-sensitive-data/
-
Chinese cyber attack sparks alert over six-year-old MS vuln
in SecurityNews
After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exp… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366599914/Chinese-cyber-attack-sparks-alert-over-six-year-old-MS-vuln
-
South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel
in SecurityNews
The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execu… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/south-korean-apt-exploits-1-click-wps-office-bug-nabs-chinese-intel
-
Gamaredon APT Launches Spear-Phishing Campaign Targeting Ukrainian Military
in SecurityNews
A sophisticated spear-phishing campaign orchestrated by the Gamaredon APT group has emerged as a threat to Ukrainian military personnel. Cyble Researc… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/gamaredon-campaign/
-
Researchers Unpacked AvNeutralizer EDR Killer Used By FIN7 Group
in SecurityNews
FIN7 (aka Carbon Spider, ELBRUS, Sangria Tempest) is a Russian APT group that is primarily known for targeting the U.S. retail, restaurant, and hospit… First seen on gbhackers.com Jump to article: gbhackers.com/avneutralizer-edr-killer-unpacked/
-
APT60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
in CISO
A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WP… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html
-
Chinese APT sets sights on Middle East government orgs
in SecurityNews
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/chinese-apt-sets-sights-on-middle-east-government-orgs
-
Researcher Identifies ToddyCat-Inspired APT Attack Leveraging ICMP Backdoor and Microsoft Exchange Flaws
in SecurityNews
Cybersecurity researchers at Kaspersky’s Global Emergency Response Team (GERT) have uncovered a sophisticated attack involving an ICMP backdoor, beari… First seen on securityonline.info Jump to article: securityonline.info/researcher-identifies-toddycat-inspired-apt-attack-leveraging-icmp-backdoor-and-microsoft-exchange-flaws/
-
ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor
in SecurityNews
ToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military entities in Europe and Asia. T… First seen on gbhackers.com Jump to article: gbhackers.com/toddycat-apt-exploits/
-
CVE-2024-7971: North Korean APT Citrine Sleet Exploits Chromium Zero-Day
in SecurityNews
In a recent cybersecurity report, Microsoft Threat Intelligence has revealed that a North Korean threat actor, believed to be Citrine Sleet, has been … First seen on securityonline.info Jump to article: securityonline.info/cve-2024-7971-north-korean-apt-citrine-sleet-exploits-chromium-zero-day/
-
Czech Officials Targeted in Sophisticated Malware Campaign Disguised as NATO Documents
in SecurityNews
Seqrite Labs APT-Team has uncovered a sophisticated malware campaign, dubbed >>Operation Oxidový,
-
North Korean APT Exploits Novel Chromium, Windows Bugs to Steal Crypto
in SecurityNews
First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/north-korean-apt-exploits-novel-chromium-windows-bugs-steal-crypto
-
Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE
in SecurityNews
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewa… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/01/week-in-review-sonicwall-critical-firewalls-flaw-fixed-apt-exploits-wps-office-for-windows-rce/
-
Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day
in SecurityNews
Redmond’s threat intel team said exploitation of CVE-2024-7971 can be attributed to a North Korean APT targeting the cryptocurrency sector for financi… First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-says-north-korean-cryptocurrency-thieves-behind-chrome-zero-day/
-
Operation DevilTiger: APT12’s Shadowy Tactics and Zero-Day Exploits Unveiled
in SecurityNews
The QiAnXin Threat Intelligence Center has disclosed the technical details of a sophisticated cyber espionage campaign dubbed >>Operation DevilTiger,
-
North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit
in SecurityNews
North Korea-linked APT exploited the recently patched Google Chrome zero-day CVE-2024-7971 to deploy the FudModule rootkit. North Korea-linked group C… First seen on securityaffairs.com Jump to article: securityaffairs.com/167848/breaking-news/north-korea-linked-apt-exploited-chrome-zero-day-cve-2024-7971.html
-
South Korea-linked group APT-C-60 exploited a WPS Office zero-day
South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group A… First seen on securityaffairs.com Jump to article: securityaffairs.com/167825/hacking/apt-c-60-wps-office-zero-day.html
-
Operation DevilTiger, APT Hackers 0-Day Exploitation Tactics Exposed
in SecurityNews
The APT-Q-12 group, also known as Pseudo Hunter, is a Northeast Asian threat actor linked to Darkhotel, which primarily targets East Asian countries, … First seen on gbhackers.com Jump to article: gbhackers.com/deviltiger-apt-zero-day/