
Iranian hackers breached U.S. federal agency that failed to patch Log4Shell

Updated on 2022-11-21: Iranian hackers breached U.S. federal agency that failed to patch Log4Shell. U.S. cybersecurity agency CISA announced this week that a U.S. federal civilian agency was compromised earlier this year by Iran-backed hackers, likely working on behalf of the regime. CISA didn’t name the agency or say what, if anything, was taken. Washington …


Billbug targeting an unnamed authority

Updated on 2022-11-21: China-backed hackers targeted certificate authority. Chinese government-backed hackers have been caught targeting an unnamed authority, per Symantec. The threat group it calls Billbug also targeted government defense agencies, a satellite communications operator, and three different telecom companies. Read more: Billbug: State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries. State-sponsored …


Iridium/Sandworm APT – Russia behind Ukraine, Poland ransomware attacks

Updated on 2022-11-13: Russia behind Ukraine, Poland ransomware attacks. Microsoft said this week that ransomware attacks targeting transportation and logistics companies in Ukraine and neighboring Poland back in October were launched by Russian military hackers, with the aim of causing disruption of the flow of goods and materiel into Ukraine. Microsoft dubbed the attack Prestige, …


Worok APT

Updated on 2022-11-11: Avast researchers have published their own analysis on the tools used by Worok, a relatively new APT first documented in an ESET report this September, linked to attacks that targeted energy companies in Central Asia and public sector entities in Southeast Asia. Read more: PNG Steganography Hides Backdoor. Worok: The big picture …


Bronze President / Red Delta / TA416 / Mustang Panda / Earth Preta APT

Updated on 2022-11-22: Claimloader. The LAC threat analysis team has a report out on a recent spear-phishing operation carried out by the Mustang Panda APT, which deployed the Claimloader trojan on infected systems. Claimloader appears to be a variation of the malware Cisco Talos first spotted and documented back in May. Read more: China-based Mustang Panda conducts targeted attacks with the "Claimloader" malware, possibly affecting Japan as well …
