Tag: apt
-
Earth Baku Using Customized Tools To Maintain Persistence And Steal Data
Earth Baku, an APT actor who initially focused on the Indo-Pacific region, has grown its activities extensively since late 2022. The group has increas… First seen on gbhackers.com Jump to article: gbhackers.com/earth-baku-custom-tools-data-theft/
-
New APT Group ‘Actor240524’ Targets Azerbaijan and Israel with Advanced Tactics
A sophisticated cyber espionage campaign targeting Azerbaijan and Israel has been linked to a previously unidentified advanced persistent threat (APT)… First seen on securityonline.info Jump to article: securityonline.info/new-apt-group-actor240524-targets-azerbaijan-and-israel-with-advanced-tactics/
-
Google disrupted hacking campaigns carried out by Iran-linked APT42
Google disrupted a hacking campaign carried out by the Iran-linked APT group APT42 targeting the US presidential election. Google announced that it di… First seen on securityaffairs.com Jump to article: securityaffairs.com/167095/security/google-disrupted-apt48-hacking-campaign.html
-
China-linked APT Earth Baku targets Europe, the Middle East, and Africa
China-linked threat actor Earth Baku expanded its operations in Europe, the Middle East, and Africa starting in late 2022. China-linked APT group Eart… First seen on securityaffairs.com Jump to article: securityaffairs.com/167044/apt/earth-baku-expanded-operations.html
-
Trump campaign said senior staffer hacked by Iran-backed APT
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/trump-campaign-said-senior-staffer-hacked-by-iran-backed-apt
-
Russia’s ‘Fighting Ursa’ APT Uses Car Ads to Install HeadLace Malware
The scheme, from the group also known as APT28, involves targeting Eastern European diplomats in need of personal transportation and tempting them wit… First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/russia-fighting-ursa-apt-car-ads-headlace-malware
-
New APT Actor240524 Weaponizing Official Documents To Deliver Malware
A new APT group, dubbed Actor240524, launched a spear-phishing campaign targeting Azerbaijani and Israeli diplomats on July 1, 2024, where the attacke… First seen on gbhackers.com Jump to article: gbhackers.com/apt-actor240524-weaponizing-official-documents/
-
StormBamboo APT Targets ISPs, Spreads Malware via Software Updates
First seen on hackread.com Jump to article: hackread.com/stormbamboo-apt-isps-malware-via-software-updates/
-
New APT Group Actor240524: A Closer Look at Its Cyber Tactics Against Azerbaijan and Israel
Overview: Leveraging NSFOCUS’s Global Threat Hunting System, NSFOCUS Security Labs (NSL) captured an attack campaign targeting Azerbaijan and Israel on… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/new-apt-group-actor240524-a-closer-look-at-its-cyber-tactics-against-azerbaijan-and-israel/
-
Chinese hackers compromised an ISP to deliver malicious software updates
APT StormBamboo compromised an undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Vole… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/05/compromised-isp-dns-malware/
-
Chinese StormBamboo APT compromised ISP to deliver malware
A China-linked APT, tracked as StormBamboo, compromised an internet service provider (ISP) to poison software update mechanisms with malware. Volexity… First seen on securityaffairs.com Jump to article: securityaffairs.com/166552/apt/stormbamboo-compromised-isp-malware.html
-
Hackers Infect Windows With Backdoor Malware Via ‘Car For Sale’ Ad
Fighting Ursa, a Russian APT, has employed a car sales phishing lure to distribute the HeadLace backdoor malware targeting diplomats since March 2024… First seen on gbhackers.com Jump to article: gbhackers.com/hackers-infect-windows-car-ad/
-
Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware
A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. Palo Alto researchers reported that … First seen on securityaffairs.com Jump to article: securityaffairs.com/166496/apt/russia-apt-headlace-malware.html
-
SideWinder APT Group Sets Sights on Ports and Maritime Facilities in Espionage Campaign
The notorious nation-state threat actor SideWinder has launched a sophisticated new campaign targeting ports and maritime facilities in the Indian Oce… First seen on securityonline.info Jump to article: securityonline.info/sidewinder-apt-group-sets-sights-on-ports-and-maritime-facilities-in-espionage-campaign/
-
SideWinder phishing campaign targets maritime facilities in multiple countries
The APT group SideWinder launched a new espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. SideWind… First seen on securityaffairs.com Jump to article: securityaffairs.com/166325/breaking-news/sidewinder-phishing-campaign-maritime-facilities.html
-
China’s ‘Evasive Panda’ APT Spies on Taiwan Targets Across Platforms
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/china-evasive-panda-apt-spies-taiwan-targets-across-platforms
-
Indian APT Targeting Mediterranean Ports and Maritime Facilities
The SideWinder APT has been targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea in recent attacks. First seen on securityweek.com Jump to article: www.securityweek.com/indian-apt-targeting-mediterranean-ports-and-maritime-facilities/
-
Belarus-linked APT Ghostwriter targeted Ukraine with PicassoLoader malware
Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious … First seen on securityaffairs.com Jump to article: securityaffairs.com/166265/intelligence/belarus-apt-ghostwriter-targeted-ukraine.html
-
APT hacker from China: cyber spy also hands out items to MMORPG players on the side
In addition to its espionage activity, a Chinese APT actor has apparently hacked MMORPG game companies in order to give YouTube and Twitch streamers advantages… First seen on golem.de Jump to article: www.golem.de/news/apt-hacker-aus-china-cyberspion-verteilt-nebenbei-items-an-mmorpg-spieler-2407-187297.html
-
China-linked APT group uses new Macma macOS backdoor version
China-linked APT group Daggerfly (aka Evasive Panda, Bronze Highland) has been spotted using an updated version of the macOS backdoor Ma… First seen on securityaffairs.com Jump to article: securityaffairs.com/166102/apt/daggerfly-macma-macos-backdoor.html
-
Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML b… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/void-banshee-apt-exploits-microsoft.html
-
Kimsuky APT: New TTPs Revealed in Rapid7 Cybersecurity Report
Rapid7, a leading cybersecurity firm, has released a comprehensive report detailing the evolving tactics, techniques, and procedures (TTPs) of the Kim… First seen on securityonline.info Jump to article: securityonline.info/kimsuky-apt-new-ttps-revealed-in-rapid7-cybersecurity-report/
-
TransparentTribe’s Spear-Phishing Targeting Indian Government Departments
Overview: Leveraging our global threat hunting system, NSFOCUS Security Research Labs discovered spear-phishing email attacks by the APT group Transpar… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/transparenttribes-spear-phishing-targeting-indian-government-departments/
-
SEXi hackers attack ESXi under a new name
The ransomware group known as SEXi since April now calls itself APT Inc. It primarily targets ESXi servers, but sometimes also W… First seen on golem.de Jump to article: www.golem.de/news/ransomware-sexi-hacker-attackieren-esxi-unter-neuem-namen-2407-187119.html
-
MHTML Exploited By APT Group Void Banshee
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cve-2024-38112-exploited-void/
-
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/void-banshee-apt-microsoft-zero-day-spear-phishing-attacks
-
SEXi Ransomware Rebrands as ‘APT Inc.,’ Keeps Old Methods
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sexi-ransomware-rebrands-maintains-original-methods-of-operation
-
Iran’s MuddyWater APT targets Saudis and Israelis with BugSleep Backdoor
First seen on hackread.com Jump to article: hackread.com/iran-muddywater-saudi-israel-bugsleep-backdoor/
-
Void Banshee exploits CVE-2024-38112 zero-day to spread malware
Void Banshee APT group exploited the Windows zero-day CVE-2024-38112 to execute code via the disabled Internet Explorer. An APT group tracked as Void … First seen on securityaffairs.com Jump to article: securityaffairs.com/165832/apt/void-banshee-cve-2024-38112-zero-day-attacks.html