Infosecurity News
State-Backed APT Group Activity Continuing Apace
The report outlines recent APT group activity from Russia, China, Iran and North Korea
The Hacker News
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
DarkCasino: From Zero-Day Exploit to APT Threat! Cybersecurity experts classify DarkCasino as a powerful APT group after exploiting a WinRAR flaw
CSO
New Chinese APT campaign found targeting European embassies
The China-based APT actor has been found using HTML smuggling to avoid detection.
Cyber Security News
Google VS North Korean APT - How Google Fight With Gov-Backed NK APT Hackers
Google's TAG released defensive measures that followed to protect users from the infamous Noth Korean government-backed APT hackers attacks.
SecurityWeek
Sophisticated 'Dark Pink' APT Targets Government, Military Organizations
The sophisticated APT group ‘Dark Pink’ has successfully carried out cyberattacks against government and military organizations in Asia and Europe.
SecurityWeek
New 'Grayling' APT Targeting Organizations in Taiwan, US
A previously unknown APT group is targeting organizations in biomedical, IT, and manufacturing sectors in Taiwan.
Security Affairs
Experts linked Maui ransomware to North Korean Andariel APT
Cybersecurity researchers from Kaspersky linked the Maui ransomware to the North Korea-backed Andariel APT group. Kaspersky linked with medium confidence the Maui ransomware operation to the North Korea-backed APT group Andariel, which is considered a division of the Lazarus APT Group, North Korean nation-state actors used Maui ransomware to encrypt servers providing healthcare services, including electronic […]
ZDNet
Dashlane: Pricing, features, and how to get started
Are you looking for a reliable password manager? Dashlane secures your files using NSA-level tools. Here's how much it costs, what you get for the price, and how to get started.
Security Affairs
Nobelium APT uses new Post-Compromise malware MagicWeb
Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments. The NOBELIUM APT (APT29, Cozy Bear, and The Dukes) is the threat actor that […]
Infosecurity News
APT Groups Expand Reach to New Industries and Geographies
The findings come from Kaspersky's latest APT trends report for the first quarter of 2023
SecurityWeek
Stealthy APT Gelsemium Seen Targeting Southeast Asian Government
A stealthy APT known as Gelsemium has been observed targeting a government entity in Southeast Asia for intelligence collection.
ThreatPost
APT Lazarus Targets Engineers with macOS Malware
The North Korean APT is using a fake job posting for Coinbase in a cyberespionage campaign targeting users of both Apple and Intel-based systems.
Security Affairs
Midnight Blizzard APT is targeting orgs worldwide, Microsoft warns
Microsoft revealed that Russia-linked APT Midnight Blizzard has been targeting organizations worldwide in a cyberespionage campaign.
Security Affairs
Dragon Breath APT uses double-dip DLL sideloading strategy
An APT group tracked as Dragon Breath has been observed employing a new DLL sideloading technique. Sophos researchers observed an APT group, tracked as Dragon Breath (aka APT-Q-27 and Golden Eye), that is using a new DLL sideloading technique that adds complexity and layers to the execution of the classic DLL sideloading. The attack consists of a clean […]
SecurityWeek
North Korea APT Lazarus Targeting Chemical Sector
Symantec says North Korea's Lazarus APT group is moving beyond financial crime and into cyberespionage activities.
Security Affairs
Previously unknown Kapeka backdoor linked to Sandworm APT
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022.
Security Affairs
Russia-linked Cold River APT targeted US nuclear research laboratories
Russia-linked Cold River APT targeted three nuclear research laboratories in the United States in 2022 summer, Reuters reported. Reuters reported that the Russia-linked APT group Cold River (aka Calisto) targeted three nuclear research laboratories in the United States between August and September 2022. The Cold River APT group targeted the Brookhaven (BNL), Argonne (ANL), and […]
DarkReading
US Sanctions Iran Over APT Cyberattack Activity
The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities.
Security Affairs
Earth Krahang APT breached tens of government orgs worldwide
Trend Micro uncovered a sophisticated campaign conducted by Earth Krahang APT group that breached 70 organizations worldwide.
Security Affairs
North Korea-linked Konni APT uses Russian-language documents
North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware .............
Bleeping Computer
Get a lifetime of cybersecurity training for only $69
Featuring over 90 certification courses, Infosec4TC offers the ultimate cybersecurity training library. Right now, you can get a lifetime Platinum membership for only $69 at Bleeping Computer Deals — and get $10 back in credit for a limited time!
Security Affairs
US govt sanctioned North Korea-linked APT Kimsuky
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against North Korea-linked APT group Kimsuky.
Security Affairs
DarkCasino joins the list of APT groups exploiting WinRAR 0day
The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831.
DarkReading
LilacSquid APT Employs Open Source Tools, QuasarRAT
The previously unknown threat actor uses tools similar to those used by North Korean APT groups, according to Cisco Talos.
-1.webp)
Cyber Security News
APT Hackers Behind SysJoker Attacking Critical Industrial Sectors
SysJoker malware was initially discovered to be used by the APT group dubbed "WildCard" and was targeting the educational sector of Israel.
SecurityWeek
Microsoft Announces Disruption of Russian Espionage APT
Microsoft disrupts Russian APT actor, cutting off access to accounts used for pre-attack reconnaissance, phishing, and email harvesting.
Security Affairs
China-linked Flax Typhoon APT targets Taiwan
China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cyber espionage campaign that targeted dozens of organizations in Taiwan. The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with […]
Security Affairs
Unknown APT group is targeting Russian government entities
An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Researchers from Malwarebytes observed an unknown Advanced Persistent Threat (APT) group targeting Russian government entities with at least four separate spear-phishing campaigns since the beginning of the Russian invasion of Ukraine. The threat actors behind the attacks […]
Security Affairs
Bitter APT group targets China’s nuclear energy sector
Intezer researchers reported that a South Asian espionage group, tracked as Bitter, is targeting the Chinese nuclear energy industry. Intezer researchers uncovered a cyberespionage campaign targeting the Chinese nuclear energy sector, they linked it to the Bitter APT group. The Bitter APT group is a South Asian cyberespionage group active since at least 2021. The group […]
Naked Security
Google’s monthly Android updates patch numerous “get root” holes
Get the update now… if it’s available for your phone. Here’s how to check.
Security Affairs
Sandworm APT targets Ukraine with new SwiftSlicer wiper
Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The experts believe that the Russia-linked APT group Sandwork (aka BlackEnergy and TeleBots) is behind the wiper attacks. The Sandworm group has been […]
SecurityWeek
New 'Sandman' APT Group Hitting Telcos With Rare LuaJIT Malware
New and mysterious APT Sandman spotted targeting telcos in Europe and Asia as part of a cyberespionage campaign.
The Hacker News
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
North Korean APT group Kimsuky deploys Linux version of GoBear backdoor, targeting South Korean organizations.
Security Affairs
MuddyWater APT group is back with updated TTPs
The Iran-linked MuddyWater APT is targeting countries in the Middle East as well as Central and West Asia in a new campaign. Deep Instinct’s Threat Research team uncovered a new campaign conducted by the MuddyWater APT (aka SeedWorm, TEMP.Zagros, and Static Kitten) that was targeting Armenia, Azerbaijan, Egypt, Iraq, Israel, Jordan, Oman, Qatar, Tajikistan, and United Arab Emirates. The […]
Security Affairs
North Korea-linked Kimsuky APT attack targets victims via Messenger
North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware.
Cyber Security News
Chinese APT Hackers Exploits Government Web & Exchange Servers
A new Advanced Persistent Threat (APT) campaign, dubbed Earth Krahang, has emerged with a focus on infiltrating government entities across the globe.
Security Affairs
Iran-linked APT groups started exploiting Papercut flaw
Microsoft warns of Iran-linked APT groups that are targeting vulnerable PaperCut MF/NG print management servers. Microsoft warns that Iran-linked APT groups have been observed exploiting the CVE-2023-27350 flaw in attacks against PaperCut MF/NG print management servers. The CVE-2023-27350 flaw is a PaperCut MF/NG Improper Access Control Vulnerability. PaperCut MF/NG contains an improper access control vulnerability within the […]
Security Affairs
Iran-Linked APT TA450 embeds malicious links in PDF attachments
In recent campaigns, Iran-linked APT group MuddyWater used a legitimate Remote Monitoring and Management (RMM) solution called Atera.
Security Affairs
Dark Pink APT targets Govt entities in South Asia
Researchers reported that Dark Pink APT employed a malware dubbed KamiKakaBot against Southeast Asian targets. In February 2023, EclecticIQ researchers spotted multiple KamiKakaBot malware samples that were employed by the Dark Pink APT group (aka Saaiwc) in attacks against government entities in Southeast Asia countries. The activity of the group was first detailed by Group-IB […]
SecurityWeek
Researchers Crowdsourcing Effort to Identify Mysterious Metador APT
SentinelLabs researchers are crowdsourcing an effort to understand a new mysterious APT hitting hitting telcos, ISPs and universities in the Middle East and Africa.
Security Affairs
YoroTrooper APT group targets CIS countries and embassies
A new APT group, dubbed YoroTrooper, has been targeting government and energy organizations across Europe, experts warn. Cisco Talos researchers uncovered a new cyber espionage group targeting CIS countries, embassies and EU health care agency since at least June 2022. The APT group focuses on government or energy organizations in Azerbaijan, Tajikistan, Kyrgyzstan and other Commonwealth […]
Security Affairs
Russia-linked APT group Midnight Blizzard hacked HPE
Hewlett Packard Enterprise (HPE) revealed that Russia-linked APT Midnight Blizzard gained access to its Microsoft Office 365 email system
DarkReading
NATO-Member Oil Refinery Targeted in Russian APT Blitz Against Ukraine
Security Service-backed Trident Ursa APT group shakes up tactics in its relentless cyberattacks against Ukraine.
Cyber Security News
RedEyes APT Group Attacking Individuals to Exfiltrate Sensitive Data
RedEyes APT has recently been identified by the researchers at AhnLab Security using a new info-stealer that is dubbed "FadeStealer."
Bleeping Computer
Get 40% off Malwarebytes Premium for the holidays
Malwarebytes is running a holiday deal where you can get 40% off the Malwarebytes Premium antivirus software through the new year.
Security Affairs
LilacSquid APT targeted orgs in the U.S., Europe, and Asia
A previously undocumented APT group tracked as LilacSquid targeted organizations in the U.S., Europe, and Asia since at least 2021.
Security Affairs
North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware
North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. The group BlueNoroff is considered a group that operates under the control of the notorious North Korea-linked Lazarus APT group. The […]
The Hacker News
Chinese APT Hackers Targeting Betting Companies in Southeast Asia
Chinese APT hackers have been linked to a new campaign targeting gambling-related companies in South East Asia.
Bleeping Computer
These Ethical Hacking courses help you get a job in cybersecurity
The All-In-One 2021 Super-Sized Ethical Hacking Bundle helps you explore this topic and get certified, with 18 courses covering a wide variety of skills. You can get the bundle today for only $42.99.
Trend Micro
New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware
We recently found a new advanced persistent threat (APT) group that we have dubbed Earth Berberoka (aka GamblingPuppet). This APT group targets gambling websites on Windows, macOS, and Linux platforms using old and new malware families.
Latest Hacking News
US Warns Of Cyberattacks On Industrial Control System (ICS) Via Specialized APT Tools
US cybersecurity officials have issued a detailed advisory alerting cyberattacks on critical ICS infrastructure via tools. US warns companies to be aware of such APT attacks. Industrial Control System (ICS) Cyberattacks Via Custom APT Tools Through a
Bleeping Computer
Get this grade "A" refurbished Lenovo desktop for under $180
Get this certified refurbished Lenovo ThinkCentre M900 Core i5-6500T desktop in black for $179.97 (reg. $349).
Security Affairs
Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU
Microsoft linked a series of wiping attacks to a Russia-linked APT group, tracked as Cadet Blizzard, that is under the control of the GRU. Microsoft attributes the operations carried out by the Russia-linked APT group tracked as Cadet Blizzard to the Russian General Staff Main Intelligence Directorate (GRU). The IT giant pointed out that Cadet Blizzard is […]
Security Affairs
China-linked APT Volt Typhoon targets critical infrastructure organizations
A China-linked APT group, tracked as Volt Typhoon, breached critical infrastructure organizations in the U.S. and Guam without being detected. China-linked APT cyber espionage group Volt Typhoon infiltrated critical infrastructure organizations in the U.S. and Guam without being detected. The group managed to maintain access without being detected for as long as possible. According to […]
.webp)
Cyber Security News
Turla APT Group Attacking European Ministry of Foreign Affairs
The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.
Security Affairs
Chinese MirrorFace APT group targets Japanese political entities
A Chinese-speaking APT group, tracked as MirrorFace, is behind a spear-phishing campaign targeting Japanese political entities. ESET researchers recently discovered a spear-phishing campaign targeting Japanese political entities and attributed it to the Chinese-speaking APT group tracked as MirrorFace. The experts tracked the campaign as Operation LiberalFace, it aimed at Japanese political entities, especially the members of […]
The Hacker News
New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
A new web shell called HrServ is part of a suspected APT attack in Afghanistan. HrServ can erase tracks and execute code in memory.
Bleeping Computer
Get into web development with this Python, Django training bundle
The Learn Python & Django Developer Bundle helps you get started, with 31 hours of hands-on training covering a range of uses. The courses are worth $1,600, but you can get them today for only $29.99 in a special deal for Bleeping Computer readers.
.webp)
Cyber Security News
ToddyCat APT Hackers Deploy Multiple Tools to Hijack Network Infrastructure
APT as ToddyCat, new insights have emerged regarding their sophisticated methods of hijacking network infrastructure to steal sensitive data.
Security Affairs
China-linked APT Curious Gorge targeted Russian govt agencies
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge, is targeting Russian government agencies. The Google TAG team published a report focused on cybersecurity […]
DarkReading
North Korea's Kimsuky APT Keeps Growing, Despite Public Outing
Kim Jong Un's Swiss Army knife APT continues to spread its tendrils around the world, showing it's not intimidated by the researchers closing in.
Security Affairs
Russia-linked Turla APT targets Austria, Estonia, and NATO platform
Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College. Researchers from SEKOIA.IO Threat & Detection Research (TDR) team have uncovered a reconnaissance and espionage campaign conducted by Russia-linked Turla APT aimed at the Baltic Defense College, the Austrian Economic Chamber (involved in government decision-making such as economic sanctions) and NATO’s […]
Security Affairs
Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails
Microsoft revealed that the Russia-linked APT Midnight Blizzard has compromised some of its corporate email accounts.
-1.webp)
Cyber Security News
Konni APT Exploits WinRAR Vulnerability To Attack Financial & Crypto Industries
Konni, a North Korean APT group, launched the first attack against the cryptocurrency industry, exploiting a recently found WinRAR vulnerability.
Cyber Security News
DoNot APT Hackers Deploy Android Malware Apps on Google Play
DoNot APT Hackers Deploy Android Malware Apps on Google Play, the CYFIRMA team successfully identified Android apps on the Google Play Store
Security Affairs
North Korea-linked APT breached the Seoul National University Hospital
The Korean National Police Agency (KNPA) warns that a North Korea-linked APT group had breached the Seoul National University Hospital (SNUH). The Korean National Police Agency (KNPA) revealed that a North Korea-linked APT group has breached one of the largest hospitals in the country, the Seoul National University Hospital (SNUH). The security breach took place […]
Cyber Security News
Chinese APT Groups Actively Targeting Outlook and Exchange Online Email Accounts
A china based APT actor accessed Microsoft 365 cloud environment and exfiltrated unclassified Exchange Online Outlook data.
The Hacker News
Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks
A new stealthy backdoor malware called Kapeka, likely created by Russia's APT group Sandworm, has been targeting Eastern Europe.
SecurityWeek
APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure
Two Rockwell Automation product vulnerabilities have been used for a new exploit by an APT group that could target critical infrastructure.
CyberNews
Microsoft: Russian APT 28 exploits Windows bug with GooseEgg tool
Microsoft identifies the 'GooseEgg' tool created by Russian threat group APT 28, Forrest Blizzard to exploit known vulnerabilities in Windows printer spooler service.
DarkReading
iSoon's Secret APT Status Exposes China's Foreign Hacking Machination
Chinese government agencies are paying an APT, masked as a legitimate company, to spy on foreign and domestic targets of political interest.
Bleeping Computer
Save $154 and get certified with this cybersecurity exam prep bundle
Cybersecurity is increasingly everybody's concern, and getting certified helps you skill up and get up to speed. These eight cybersecurity exam prep courses get you ready for $29.97, $154 off the $184 MSRP only for a limited time.
Security Affairs
Iran-linked Mint Sandstorm APT targeted US critical infrastructure
An Iran-linked APT group tracked as Mint Sandstorm is behind a string of attacks aimed at US critical infrastructure between late 2021 to mid-2022. Microsoft has linked the Iranian Mint Sandstorm APT (previously tracked by Microsoft as PHOSPHORUS) to a series of attacks aimed at US critical infrastructure between late 2021 to mid-2022. The IT giant reported Mint […]
The Hacker News
Get Lifetime Access to 2022 Cybersecurity Certification Prep Courses @ 95% Off
You can currently get five top-rated cybersecurity certification courses for only $69, with lifetime access included!
Bleeping Computer
Memorial Day: Get lifelong language learning with Babbel for $139.97
Order by 5/28 to get your lifetime subscription for just $139.97, covering all 14 languages on all devices.
Security Affairs
Russian Sandworm APT impersonates Ukrainian telcos to deliver malware
Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Multiple security firms have reported that the Sandworm APT continues to target Ukraine with multiple means, including custom malware and botnet like Cyclops […]
Security Affairs
Carderbee APT targets Hong Kong orgs via supply chain attacks
A previously unknown APT group, tracked as Carderbee, was behind a supply chain attack against Hong Kong organizations. Symantec Threat Hunter Team reported that a previously unknown APT group, tracked as Carderbee, used a malware-laced version of the legitimate Cobra DocGuard software to carry out a supply chain attack aimed at organizations in Hong Kong. […]
Security Affairs
Lazarus APT uses fake cryptocurrency apps to spread AppleJeus Malware
The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity researchers warn of a new malware campaign conducted by the North Korea-linked Lazarus APT against cryptocurrency users. The threat actors were observed spreading fake cryptocurrency apps under the fake brand BloxHolder to deliver the AppleJeus […]
CSO
APT actor ToddyCat hits government and military targets in Europe and Asia
The previously undocumented APT group has been targeting high-profile organizations in Asia and Europe for over a year.
Bleeping Computer
Vidar stealer abuses Mastodon to silently get C2 configuration
The Vidar stealer has returned in a new campaign that abuses the Mastodon social media network to get C2 configuration without raising alarms.
Security Affairs
U.S. Gov believes North Korea-linked Lazarus APT is behind Ronin Validator cyber heist
The U.S. government blames North Korea-linked APT Lazarus for the recent $600 million Ronin Validator cyber heist. The U.S. government attributes the recent $600 million Ronin Validator cryptocurrencty heist to the North Korea-linked APT Lazarus. The U.S. Treasury announced in a notice the sanctions against the Ethereum address used by the APT to receive the […]
%20-%20APT%20Hackers%20Abusing%20GitHub%20To%20Deliver%20Malware%20Payload.webp)
Cyber Security News
Living-off-Trusted-Sites (LOTS) - APT Hackers Abusing GitHub To Deliver Malware Payload
Cybersecurity researchers at Recorded Future recently discovered that APT hackers are actively exploiting the GitHub platform.
Bleeping Computer
This Java courses help you get started in a career in coding
The Premium Java Programming Certification Bundle helps you get started, with over 600 video lessons taking you from the fundamentals through to advanced projects. The training is worth $1,600, but you can get it today for only $29.99.
Security Affairs
GALLIUM APT used a new PingPull RAT in recent campaigns
China-linked Gallium APT employed a previously undocumented RAT, tracked as PingPull, in recent cyber espionage campaign targeting South Asia, Europe, and Africa. China-linked Gallium APT (aka Softcell) used a previously undocumented remote access Trojan dubbed PingPull in recent attacks aimed at organizations in Southeast Asia, Europe, and Africa. Researchers from Palo Alto Networks defined the […]
DarkReading
Microsoft: 'Moonstone Sleet' APT Melds Espionage, Financial Goals
North Korea's newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime's tricks, too. It also developed a whole video game company to hide malware.
SecurityWeek
Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks
Microsoft says an APT with links to Iran’s military intelligence is impersonating a prominent journalist in clever spear-phishing attacks.
Security Affairs
N. Korean Kimsuky APT targets S. Korea-US military exercises
North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre. North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South Korea military exercise. The news was reported by the South Korean police on Sunday, the law enforcement also added that […]
Cyber Security News
Billbug - APT Hackers Group Attack Digital Cert Authority to Intercept The HTTPS Traffic
Researchers uncovered that State-Sponsors APT hackers called "Billbug" attacked and compromise the digital certificate authority
Cyber Security News
BlackTech APT Hackers Attacking Network Routers to Breach Corporate Networks
BlackTech APT Hackers active since 2010, known for attacking government, industrial, technology, media, electronics, telecommunication, and military sectors.
Bleeping Computer
Get Microsoft Office for $200 off with this StackCommerce deal
Get a lifetime license to Microsoft Office Professional 2021 for Windows or Microsoft Office Home & Business for Mac 2021 for $29.97.
Security Affairs
Russia-linked Gamaredon APT continues to target Ukraine
Russia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, and Trident Ursa) targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad, Symantec warns. The Computer Emergency Response Team of Ukraine (CERT-UA) confirmed the ongoing cyber espionage campaign. Symantec and TrendMicro first discovered the Gamaredon […]
Security Affairs
The previously undocumented GoldenJackal APT targets Middle East, South Asia entities
A previously undocumented APT group tracked as GoldenJackal has been targeting government and diplomatic entities in the Middle East and South Asia since 2019. Kaspersky researchers shared details about the activity of a previously undocumented APT group, tracked as GoldenJackal, which has been active since 2019. The primary motivation of the group appears to be […]
Security Affairs
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
Researchers reported that a Hamas-linked APT group is using a rust-based SysJoker backdoor against Israeli entities.
Cyber Security News
Sandworm APT Group Adds New Wiper to Its Hacking Toolkit
During the monitored timespan, APT groups aligned with Russia have been observed to be heavily involved in cyber operations aimed at Ukraine.
Security Affairs
POLONIUM APT targets Israel with a new custom backdoor dubbed PapaCreep
An APT group tracked as Polonium employed custom backdoors in attacks aimed at Israelian entities since at least September 2021. POLONIUM APT focused only on Israeli targets, it launched attacks against more than a dozen organizations in various industries, including engineering, information technology, law, communications, branding and marketing, media, insurance, and social services. Microsoft MSTIC […]
The Cyber Express
Andariel APT Using DoraRAT and Nestdoor Malware to Spy on South Korean Businesses
Researchers have uncovered new attacks by a North Korean advanced persistent threat actor – Andariel APT group – targeting Korean
Security Affairs
Iran-linked MERCURY APT behind destructive attacks on hybrid environments
Iran-linked APT group MERCURY is behind destructive attacks on hybrid environments masquerading as a ransomware operation. The Microsoft Threat Intelligence team observed a series of destructive attacks on hybrid environments that were carried out by MuddyWater APT group (aka MERCURY). Threat actors masqueraded the attacks as a standard ransomware operation. MERCURY (aka MuddyWater, SeedWorm and TEMP.Zagros) has been active since […]
SecurityWeek
CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation
The US cybersecurity agency calls attention to a Russian APT targeting academia, defense, governmental organizations, NGOs and think-tanks.
DarkReading
Low-Budget 'Winter Vivern' APT Awakens After 2-Year Hibernation
The "underreported" APT has returned to focus after attacks promoting Russian and Belarusian government interests and going after targets with humor, zest, and scrappiness.
Cyber Security News
APT Hackers Attacking Manufacturers With Keyloggers, Infostealers, And Proxy Tools
The Andariel APT group launched a targeted attack campaign against South Korean domestic companies and institutions, where manufacturing,
Loading more articles....