Infosecurity News
State-Backed APT Group Activity Continuing Apace
The report outlines recent APT group activity from Russia, China, Iran and North Korea
The Hacker News
DarkCasino: From Zero-Day Exploit to APT Threat! Cybersecurity experts classify DarkCasino as a powerful APT group after exploiting a WinRAR flaw
CSO
The China-based APT actor has been found using HTML smuggling to avoid detection.
Cyber Security News
Google's TAG released defensive measures to protect users from attacks by the infamous North Korean government-backed APT hackers.
SecurityWeek
The sophisticated APT group ‘Dark Pink’ has successfully carried out cyberattacks against government and military organizations in Asia and Europe.
SecurityWeek
A previously unknown APT group is targeting organizations in biomedical, IT, and manufacturing sectors in Taiwan.
Security Affairs
Cybersecurity researchers from Kaspersky linked the Maui ransomware to the North Korea-backed Andariel APT group. Kaspersky linked with medium confidence the Maui ransomware operation to the North Korea-backed APT group Andariel, which is considered a division of the Lazarus APT Group, North Korean nation-state actors used Maui ransomware to encrypt servers providing healthcare services, including electronic […]
Security Affairs
Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments. The NOBELIUM APT (APT29, Cozy Bear, and The Dukes) is the threat actor that […]
Infosecurity News
The findings come from Kaspersky's latest APT trends report for the first quarter of 2023
SecurityWeek
A stealthy APT known as Gelsemium has been observed targeting a government entity in Southeast Asia for intelligence collection.
ThreatPost
The North Korean APT is using a fake job posting for Coinbase in a cyberespionage campaign targeting users of both Apple and Intel-based systems.
Security Affairs
Microsoft revealed that Russia-linked APT Midnight Blizzard has been targeting organizations worldwide in a cyberespionage campaign.
Security Affairs
An APT group tracked as Dragon Breath has been observed employing a new DLL sideloading technique. Sophos researchers observed an APT group, tracked as Dragon Breath (aka APT-Q-27 and Golden Eye), that is using a new DLL sideloading technique that adds complexity and layers to the execution of the classic DLL sideloading. The attack consists of a clean […]
SecurityWeek
Symantec says North Korea's Lazarus APT group is moving beyond financial crime and into cyberespionage activities.
Security Affairs
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022.
Security Affairs
Russia-linked Cold River APT targeted three nuclear research laboratories in the United States in 2022 summer, Reuters reported. Reuters reported that the Russia-linked APT group Cold River (aka Calisto) targeted three nuclear research laboratories in the United States between August and September 2022. The Cold River APT group targeted the Brookhaven (BNL), Argonne (ANL), and […]
DarkReading
The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities.
Security Affairs
Trend Micro uncovered a sophisticated campaign conducted by Earth Krahang APT group that breached 70 organizations worldwide.
Security Affairs
North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware.
Security Affairs
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against North Korea-linked APT group Kimsuky.
Security Affairs
The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831.
DarkReading
The previously unknown threat actor uses tools similar to those used by North Korean APT groups, according to Cisco Talos.
Cyber Security News
SysJoker malware was initially discovered to be used by the APT group dubbed "WildCard" and was targeting the educational sector of Israel.
SecurityWeek
Microsoft disrupts Russian APT actor, cutting off access to accounts used for pre-attack reconnaissance, phishing, and email harvesting.
Security Affairs
China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cyber espionage campaign that targeted dozens of organizations in Taiwan. The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with […]
Security Affairs
An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Researchers from Malwarebytes observed an unknown Advanced Persistent Threat (APT) group targeting Russian government entities with at least four separate spear-phishing campaigns since the beginning of the Russian invasion of Ukraine. The threat actors behind the attacks […]
Security Affairs
Intezer researchers reported that a South Asian espionage group, tracked as Bitter, is targeting the Chinese nuclear energy industry. Intezer researchers uncovered a cyberespionage campaign targeting the Chinese nuclear energy sector, they linked it to the Bitter APT group. The Bitter APT group is a South Asian cyberespionage group active since at least 2021. The group […]
Naked Security
Get the update now… if it’s available for your phone. Here’s how to check.
Security Affairs
Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The experts believe that the Russia-linked APT group Sandworm (aka BlackEnergy and TeleBots) is behind the wiper attacks. The Sandworm group has been […]
SecurityWeek
New and mysterious APT Sandman spotted targeting telcos in Europe and Asia as part of a cyberespionage campaign.
The Hacker News
North Korean APT group Kimsuky deploys Linux version of GoBear backdoor, targeting South Korean organizations.
Security Affairs
The Iran-linked MuddyWater APT is targeting countries in the Middle East as well as Central and West Asia in a new campaign. Deep Instinct’s Threat Research team uncovered a new campaign conducted by the MuddyWater APT (aka SeedWorm, TEMP.Zagros, and Static Kitten) that was targeting Armenia, Azerbaijan, Egypt, Iraq, Israel, Jordan, Oman, Qatar, Tajikistan, and United Arab Emirates. The […]
Security Affairs
North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware.
Cyber Security News
A new Advanced Persistent Threat (APT) campaign, dubbed Earth Krahang, has emerged with a focus on infiltrating government entities across the globe.
Security Affairs
Microsoft warns of Iran-linked APT groups that are targeting vulnerable PaperCut MF/NG print management servers. Microsoft warns that Iran-linked APT groups have been observed exploiting the CVE-2023-27350 flaw in attacks against PaperCut MF/NG print management servers. The CVE-2023-27350 flaw is a PaperCut MF/NG Improper Access Control Vulnerability. PaperCut MF/NG contains an improper access control vulnerability within the […]
Security Affairs
In recent campaigns, Iran-linked APT group MuddyWater used a legitimate Remote Monitoring and Management (RMM) solution called Atera.
Security Affairs
Researchers reported that Dark Pink APT employed a malware dubbed KamiKakaBot against Southeast Asian targets. In February 2023, EclecticIQ researchers spotted multiple KamiKakaBot malware samples that were employed by the Dark Pink APT group (aka Saaiwc) in attacks against government entities in Southeast Asia countries. The activity of the group was first detailed by Group-IB […]
SecurityWeek
SentinelLabs researchers are crowdsourcing an effort to understand a new mysterious APT hitting telcos, ISPs and universities in the Middle East and Africa.
Security Affairs
A new APT group, dubbed YoroTrooper, has been targeting government and energy organizations across Europe, experts warn. Cisco Talos researchers uncovered a new cyber espionage group targeting CIS countries, embassies and EU health care agency since at least June 2022. The APT group focuses on government or energy organizations in Azerbaijan, Tajikistan, Kyrgyzstan and other Commonwealth […]
Security Affairs
Hewlett Packard Enterprise (HPE) revealed that Russia-linked APT Midnight Blizzard gained access to its Microsoft Office 365 email system
DarkReading
Security Service-backed Trident Ursa APT group shakes up tactics in its relentless cyberattacks against Ukraine.
Cyber Security News
RedEyes APT has recently been identified by the researchers at AhnLab Security using a new info-stealer that is dubbed "FadeStealer."
Security Affairs
A previously undocumented APT group tracked as LilacSquid targeted organizations in the U.S., Europe, and Asia since at least 2021.
Security Affairs
North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. The group BlueNoroff is considered a group that operates under the control of the notorious North Korea-linked Lazarus APT group. The […]
The Hacker News
Chinese APT hackers have been linked to a new campaign targeting gambling-related companies in South East Asia.
Trend Micro
We recently found a new advanced persistent threat (APT) group that we have dubbed Earth Berberoka (aka GamblingPuppet). This APT group targets gambling websites on Windows, macOS, and Linux platforms using old and new malware families.
Latest Hacking News
US cybersecurity officials have issued a detailed advisory alerting to cyberattacks on critical ICS infrastructure via tools. US warns companies to be aware of such APT attacks. Industrial Control System (ICS) Cyberattacks Via Custom APT Tools Through a
Security Affairs
Microsoft linked a series of wiping attacks to a Russia-linked APT group, tracked as Cadet Blizzard, that is under the control of the GRU. Microsoft attributes the operations carried out by the Russia-linked APT group tracked as Cadet Blizzard to the Russian General Staff Main Intelligence Directorate (GRU). The IT giant pointed out that Cadet Blizzard is […]
Security Affairs
A China-linked APT group, tracked as Volt Typhoon, breached critical infrastructure organizations in the U.S. and Guam without being detected. China-linked APT cyber espionage group Volt Typhoon infiltrated critical infrastructure organizations in the U.S. and Guam without being detected. The group managed to maintain access without being detected for as long as possible. According to […]
Cyber Security News
The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.
Security Affairs
A Chinese-speaking APT group, tracked as MirrorFace, is behind a spear-phishing campaign targeting Japanese political entities. ESET researchers recently discovered a spear-phishing campaign targeting Japanese political entities and attributed it to the Chinese-speaking APT group tracked as MirrorFace. The experts tracked the campaign as Operation LiberalFace, it aimed at Japanese political entities, especially the members of […]
The Hacker News
A new web shell called HrServ is part of a suspected APT attack in Afghanistan. HrServ can erase tracks and execute code in memory.
Cyber Security News
APT as ToddyCat, new insights have emerged regarding their sophisticated methods of hijacking network infrastructure to steal sensitive data.
Security Affairs
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge, is targeting Russian government agencies. The Google TAG team published a report focused on cybersecurity […]
DarkReading
Kim Jong Un's Swiss Army knife APT continues to spread its tendrils around the world, showing it's not intimidated by the researchers closing in.
Security Affairs
Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College. Researchers from SEKOIA.IO Threat & Detection Research (TDR) team have uncovered a reconnaissance and espionage campaign conducted by Russia-linked Turla APT aimed at the Baltic Defense College, the Austrian Economic Chamber (involved in government decision-making such as economic sanctions) and NATO’s […]
Security Affairs
Microsoft revealed that the Russia-linked APT Midnight Blizzard has compromised some of its corporate email accounts.
Cyber Security News
Konni, a North Korean APT group, launched the first attack against the cryptocurrency industry, exploiting a recently found WinRAR vulnerability.
Cyber Security News
DoNot APT Hackers Deploy Android Malware Apps on Google Play, the CYFIRMA team successfully identified Android apps on the Google Play Store
Security Affairs
The Korean National Police Agency (KNPA) warns that a North Korea-linked APT group had breached the Seoul National University Hospital (SNUH). The Korean National Police Agency (KNPA) revealed that a North Korea-linked APT group has breached one of the largest hospitals in the country, the Seoul National University Hospital (SNUH). The security breach took place […]
Cyber Security News
A China-based APT actor accessed a Microsoft 365 cloud environment and exfiltrated unclassified Exchange Online Outlook data.
The Hacker News
A new stealthy backdoor malware called Kapeka, likely created by Russia's APT group Sandworm, has been targeting Eastern Europe.
SecurityWeek
Two Rockwell Automation product vulnerabilities have been used for a new exploit by an APT group that could target critical infrastructure.
CyberNews
Microsoft identifies the 'GooseEgg' tool created by Russian threat group APT 28, Forest Blizzard to exploit known vulnerabilities in Windows printer spooler service.
DarkReading
Chinese government agencies are paying an APT, masked as a legitimate company, to spy on foreign and domestic targets of political interest.
Security Affairs
An Iran-linked APT group tracked as Mint Sandstorm is behind a string of attacks aimed at US critical infrastructure between late 2021 to mid-2022. Microsoft has linked the Iranian Mint Sandstorm APT (previously tracked by Microsoft as PHOSPHORUS) to a series of attacks aimed at US critical infrastructure between late 2021 to mid-2022. The IT giant reported Mint […]
Security Affairs
Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Multiple security firms have reported that the Sandworm APT continues to target Ukraine with multiple means, including custom malware and botnet like Cyclops […]
Security Affairs
A previously unknown APT group, tracked as Carderbee, was behind a supply chain attack against Hong Kong organizations. Symantec Threat Hunter Team reported that a previously unknown APT group, tracked as Carderbee, used a malware-laced version of the legitimate Cobra DocGuard software to carry out a supply chain attack aimed at organizations in Hong Kong. […]
Security Affairs
The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity researchers warn of a new malware campaign conducted by the North Korea-linked Lazarus APT against cryptocurrency users. The threat actors were observed spreading fake cryptocurrency apps under the fake brand BloxHolder to deliver the AppleJeus […]
CSO
The previously undocumented APT group has been targeting high-profile organizations in Asia and Europe for over a year.
Bleeping Computer
The Vidar stealer has returned in a new campaign that abuses the Mastodon social media network to get C2 configuration without raising alarms.
Security Affairs
The U.S. government blames North Korea-linked APT Lazarus for the recent $600 million Ronin Validator cyber heist. The U.S. government attributes the recent $600 million Ronin Validator cryptocurrency heist to the North Korea-linked APT Lazarus. The U.S. Treasury announced in a notice the sanctions against the Ethereum address used by the APT to receive the […]
Cyber Security News
Cybersecurity researchers at Recorded Future recently discovered that APT hackers are actively exploiting the GitHub platform.
Security Affairs
China-linked Gallium APT employed a previously undocumented RAT, tracked as PingPull, in recent cyber espionage campaign targeting South Asia, Europe, and Africa. China-linked Gallium APT (aka Softcell) used a previously undocumented remote access Trojan dubbed PingPull in recent attacks aimed at organizations in Southeast Asia, Europe, and Africa. Researchers from Palo Alto Networks defined the […]
DarkReading
North Korea's newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime's tricks, too. It also developed a whole video game company to hide malware.
SecurityWeek
Microsoft says an APT with links to Iran’s military intelligence is impersonating a prominent journalist in clever spear-phishing attacks.
Security Affairs
North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre. North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South Korea military exercise. The news was reported by the South Korean police on Sunday, the law enforcement also added that […]
Cyber Security News
Researchers uncovered that state-sponsored APT hackers called "Billbug" attacked and compromised the digital certificate authority
Cyber Security News
BlackTech APT Hackers active since 2010, known for attacking government, industrial, technology, media, electronics, telecommunication, and military sectors.
Security Affairs
Russia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, and Trident Ursa) targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad, Symantec warns. The Computer Emergency Response Team of Ukraine (CERT-UA) confirmed the ongoing cyber espionage campaign. Symantec and TrendMicro first discovered the Gamaredon […]
Security Affairs
A previously undocumented APT group tracked as GoldenJackal has been targeting government and diplomatic entities in the Middle East and South Asia since 2019. Kaspersky researchers shared details about the activity of a previously undocumented APT group, tracked as GoldenJackal, which has been active since 2019. The primary motivation of the group appears to be […]
Security Affairs
Researchers reported that a Hamas-linked APT group is using a rust-based SysJoker backdoor against Israeli entities.
Cyber Security News
During the monitored timespan, APT groups aligned with Russia have been observed to be heavily involved in cyber operations aimed at Ukraine.
Security Affairs
An APT group tracked as Polonium employed custom backdoors in attacks aimed at Israeli entities since at least September 2021. POLONIUM APT focused only on Israeli targets, it launched attacks against more than a dozen organizations in various industries, including engineering, information technology, law, communications, branding and marketing, media, insurance, and social services. Microsoft MSTIC […]
The Cyber Express
Researchers have uncovered new attacks by a North Korean advanced persistent threat actor – Andariel APT group – targeting Korean
Security Affairs
Iran-linked APT group MERCURY is behind destructive attacks on hybrid environments masquerading as a ransomware operation. The Microsoft Threat Intelligence team observed a series of destructive attacks on hybrid environments that were carried out by MuddyWater APT group (aka MERCURY). Threat actors masqueraded the attacks as a standard ransomware operation. MERCURY (aka MuddyWater, SeedWorm and TEMP.Zagros) has been active since […]
SecurityWeek
The US cybersecurity agency calls attention to a Russian APT targeting academia, defense, governmental organizations, NGOs and think-tanks.
DarkReading
The "underreported" APT has returned to focus after attacks promoting Russian and Belarusian government interests and going after targets with humor, zest, and scrappiness.
Cyber Security News
The Andariel APT group launched a targeted attack campaign against South Korean domestic companies and institutions, where manufacturing,