Tag: apt
-
Operation DevilTiger, APT Hackers 0-Day Exploitation Tactics Exposed
The APT-Q-12 group, also known as Pseudo Hunter, is a Northeast Asian threat actor linked to Darkhotel, which primarily targets East Asian countries, … First seen on gbhackers.com Jump to article: gbhackers.com/deviltiger-apt-zero-day/
-
Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa
Google TAG publishes evidence showing identical or striking similarities between exploits used by Russia’s APT29 and commercial spyware vendors. The p… First seen on securityweek.com Jump to article: www.securityweek.com/google-catches-russian-apt-re-using-exploits-from-spyware-merchants-nso-group-intellexa/
-
South Korean hackers exploited WPS Office zero-day to deploy malware
The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apt-c-60-hackers-exploited-wps-office-zero-day-to-deploy-spyglace-malware/
-
APT group Muddy Water attacks MSPs
… insight into the murky world of cyberespionage and other growing threats that managed service providers – and their customers… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2023/05/02/apt-gruppe-muddy-water-attackiert-msps/
-
ESET Uncovers Zero-Day Vulnerabilities in WPS Office, Exploited by APT-C-60
ESET researchers have identified two severe vulnerabilities in WPS Office for Windows, widely exploited by the APT-C-60 cyberespionage group, which is… First seen on securityonline.info Jump to article: securityonline.info/eset-uncovers-zero-day-vulnerabilities-in-wps-office-exploited-by-apt-c-60/
-
APT group Evasive Panda distributes malware as updates for popular Chinese software
arch uncovers a campaign by the APT group known as Evasive Panda that attacks an international NGO in China with malware. The malware is delivered via up… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2023/04/26/apt-gruppe-evasive-panda-verteilt-malware-als-updates-beliebter-chinesischer-software/
-
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespi… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/28/cve-2024-7262-cve-2024-7263/
-
US Sees Iranian Hackers Working Closely With Ransomware Groups
Iranian state-sponsored APT Lemon Sandstorm is working closely with ransomware groups on monetizing network intrusions. The post US Sees Iranian Hacke… First seen on securityweek.com Jump to article: www.securityweek.com/us-sees-iranian-hackers-working-closely-with-ransomware-groups/
-
China-linked APT Volt Typhoon exploited a zero-day in Versa Director
China-linked APT group Volt Typhoon exploited a zero-day flaw in Versa Director to upload a custom webshell in target networks. China-linked APT Volt … First seen on securityaffairs.com Jump to article: securityaffairs.com/167658/apt/volt-typhoon-versa-director-zero-day.html
-
US Intelligence Blames Iran for Hack on Trump Campaign
Feds confirmed Iran’s involvement in the email attack against Roger Stone after Microsoft, Google reported Iranian APT action against both presidentia… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/us-intelligence-blames-ira-for-hack-on-trump-campaign
-
WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies
A WPS Office zero-day vulnerability tracked as CVE-2024-7262 was exploited by South Korean hacker group APT-C-60. The post WPS Office Zero… First seen on securityweek.com Jump to article: www.securityweek.com/wps-office-zero-day-exploited-by-south-korea-linked-cyberspies/
-
Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets Service Providers
Amidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers. The post Censys Find… First seen on securityweek.com Jump to article: www.securityweek.com/censys-finds-hundreds-of-exposed-servers-as-volt-typhoon-apt-targets-isps-msps/
-
SEXi / APT Inc ransomware what you need to know
First seen on tripwire.com Jump to article: www.tripwire.com/state-of-security/sexi-apt-inc-ransomware-what-you-need-know
-
Iranian APT GreenCharlie Escalates Threats Against US Political Targets Using GORBLE and POWERSTAR Malware
A recent report from Insikt Group has shed light on the covert operations of GreenCharlie, an Iran-backed Advanced Persistent Threat (APT) group, whic… First seen on securityonline.info Jump to article: securityonline.info/iranian-apt-greencharlie-escalates-threats-against-us-political-targets-using-gorble-and-powerstar-malware/
-
North Korean cyber APT targeting nuclear secrets
Mandiant has upgraded the North Korean threat actor known as Andariel to APT status and warned of coordinated efforts to steal western military IP, in… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366598869/North-Korean-cyber-APT-targeting-nuclear-secrets
-
Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs
Amidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers. The post Censys Find… First seen on securityweek.com Jump to article: www.securityweek.com/censys-finds-hundreds-of-exposed-servers-as-volt-typhoon-apt-targets-isps-msps/
-
China’s Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs
Malware hunters catch Chinese APT Volt Typhoon exploiting a zero-day in Versa Director servers used by ISPs and MSPs. The post China’s Volt Typhoon Ha… First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-volt-typhoon-caught-exploiting-versa-networks-sd-wan-zero-day/
-
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT
A Russian national was arrested in Argentina for laundering proceeds from illicit actors, including North Korea-linked Lazarus Group. This week, the A… First seen on securityaffairs.com Jump to article: securityaffairs.com/167485/cyber-crime/russian-national-arrested-laundering-lazarus-funds.html
-
BlindEagle APT Group: A Persistent Threat in Latin America
Kaspersky Labs has issued a warning about BlindEagle, also known as APT-C-36, a persistent threat actor known for its targeted attacks in Latin Americ… First seen on securityonline.info Jump to article: securityonline.info/blindeagle-apt-group-a-persistent-threat-in-latin-america/
-
China-linked APT Velvet Ant exploited zero-day to compromise Cisco switches
China-linked APT group Velvet Ant exploited a recently disclosed zero-day in Cisco switches to take over the network appliance. Researchers at cyberse… First seen on securityaffairs.com Jump to article: securityaffairs.com/167423/apt/china-velvet-ant-zero-day-cisco-switches.html
-
North Korea-linked APT used a new RAT called MoonPeak
North Korea-linked APT Kimsuky is likely behind a new remote access trojan called MoonPeak used in a recent campaign spotted by Cisco Talos. Cisco Tal… First seen on securityaffairs.com Jump to article: securityaffairs.com/167340/malware/north-korea-apt-moonpeaknorth.html
-
‘EastWind’ Cyber-Spy Campaign Combines Various Chinese APT Tools
The likely China-linked campaign is deploying CloudSorcerer and other proprietary binaries belonging to known state-sponsored groups, showing how adva… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/eastwind-cyber-spy-campaign-chinese-apt-tools
-
Microsoft Zero-Day CVE-2024-38193 was exploited by North Korea-linked Lazarus APT
Microsoft addressed a zero-day vulnerability actively exploited by the North-Korea-linked Lazarus APT group. Microsoft has addressed a zero-day vulner… First seen on securityaffairs.com Jump to article: securityaffairs.com/167246/apt/microsoft-zero-day-cve-2024-38193-lazarus.html
-
Cyclops: Iranian APT 35 Hackers’ Latest Tool for Network Infiltration
Researchers have uncovered a new piece of malware named Cyclops, likely developed by the "Charming Kitten" …
-
Windows Zero-Day Attack Linked to North Korea’s Lazarus APT
The vulnerability, tracked as CVE-2024-38193 and marked as ‘actively exploited’ by Microsoft, allows SYSTEM privileges on the latest Windows operating… First seen on securityweek.com Jump to article: www.securityweek.com/windows-zero-day-attack-linked-to-north-koreas-lazarus-apt/
-
Iranian APT42 Group Launch A Massive Phishing Campaign To Attack U.S. Presidential Election
APT42 is an APT group that is believed to be backed by the Iranian government, and this group primarily focuses on cyber espionage. Besides this, APT4… First seen on gbhackers.com Jump to article: gbhackers.com/iranian-apt42-phishing-us-election/
-
Earth Baku APT Group Expands Global Reach with Advanced Techniques
Cybersecurity researchers at Trend Micro have uncovered a significant expansion in the activities of Earth Baku, a sophisticated advanced persistent t… First seen on securityonline.info Jump to article: securityonline.info/earth-baku-apt-group-expands-global-reach-with-advanced-techniques/
-
Deploying AI as a weapon – APTs use AI to strengthen their cyber weapons
First seen on security-insider.de Jump to article: www.security-insider.de/kuenstliche-intelligenz-cyberangriffe-neue-aera-cyberkriegsfuehrung-a-4e6640fa57c6fdc6b0f90375071024ed/
-
Kimsuky APT Group Targets University Researchers in Espionage Campaign
The North Korean state-backed hacking group known as Kimsuky is at it again, this time setting its sights on university researchers and professors in … First seen on securityonline.info Jump to article: securityonline.info/kimsuky-apt-group-targets-university-researchers-in-espionage-campaign/
-
Earth Baku Using Customized Tools To Maintain Persistence And Steal Data
Earth Baku, an APT actor who initially focused on the Indo-Pacific region, has grown its activities extensively since late 2022. The group has increas… First seen on gbhackers.com Jump to article: gbhackers.com/earth-baku-custom-tools-data-theft/