
Updated on 2022-12-28
Kaspersky has an analysis of recent MOTW bypass techniques used by the BlueNoroff North Korean APT in attacks since this September. This includes hiding malware inside ISO or VHD files and the use of Batch scripts and various LOLbins.

Overview
The financially motivated BlueNoroff group was found using a new malware strain …

Read More about BlueNoroff APT

Updated on 2022-12-16
QiAnXin reported on recent SideWinder APT spear-phishing operations.

Updated on July 2022: Sidewinder compromises Pakistani Air Force
On a similar note, Check Point said it had “evidence suggesting that Pakistan Air Force’s Headquarters was a victim of a successful attack conducted by Sidewinder, a suspected India-based APT group.” The compromise allegedly took …

Read More about SideWinder APT spear-phishing operations

Updated on 2022-12-15: Operation LiberalFace
ESET has a report on a campaign launched by MirrorFace, a suspected Chinese APT, that targeted Japanese political entities a few weeks before the House of Councillors elections.
Read more: Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities

Overview
The MirrorFace hacking group was found targeting Japanese politicians for weeks …

Read More about MirrorFace MirrorStealer Operation LiberalFace

Updated on 2022-12-12: MuddyWater APT
Deep Instinct researchers have a report out on a recent spear-phishing campaign carried out by the MuddyWater Iranian APT. This particular campaign was of note because of two things. First, the group used compromised corporate accounts to send out emails to their targets. Second, the final payload was Syncro, a …

Read More about MuddyWater Iranian APT

Updated on 2022-12-07: Fantasy Wiper Used in Attacks Against Diamond Industry and Others
While researchers at ESET were analyzing a supply chain attack affecting an Israeli software developer, they detected a wiper being used by the Agrius APT group. The wiper, Fantasy, and its execution tool, known as Sandals, were used after Agrius gained access to …

Read More about Fantasy Wiper Used in Attacks Against Diamond Industry and Others

Updated on 2022-12-07: Callisto APT
PwC’s threat intelligence team published a report last week on the spear-phishing operations carried out by Blue Callisto, a Russian cyber-espionage group, throughout 2022. PwC said the campaign focused on obtaining credentials from US and European government officials and organizations linked to national security matters. In addition, since Russia’s invasion …

Read More about Blue Callisto TAG-53 APT

Updated on 2022-12-29
The Log4Shell vulnerability remains a big threat to organizations even a year after security patches were released: around 40% of software is found to still use vulnerable versions of Apache Log4j.
Read more: Lessons Learned: The Log4J Vulnerability 12 Months On

Updated on 2022-12-12: Log4Shell one-year anniversary
Happy birthday …

Read More about Log4j library still vulnerable to the Log4Shell exploit

Updated on 2022-11-21: China-backed hackers targeted certificate authority
Chinese government-backed hackers have been caught targeting an unnamed certificate authority, per Symantec. The threat group it calls Billbug also targeted government defense agencies, a satellite communications operator, and three different telecom companies.
Read more: Billbug: State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries
State-sponsored …

Read More about Billbug targeting an unnamed authority

Updated on 2022-12-06
Microsoft warned against Russian cyberattacks targeting NATO allies and Ukrainian infrastructure throughout the winter, especially by the Sandworm APT gang.
Read more: Microsoft warns of Russian cyberattacks throughout the winter

Updated on 2022-11-30: Sandworm Threat Actors are Launching Ransomware Attacks Against Organizations in Ukraine
Researchers from ESET say that the threat actor …

Read More about Iridium/Sandworm APT – New Sandworm ransomware strain named RansomBoggs

Updated on 2022-11-11
Avast researchers have published their own analysis on the tools used by Worok, a relatively new APT first documented in an ESET report this September, linked to attacks that targeted energy companies in Central Asia and public sector entities in Southeast Asia.
Read more: PNG Steganography Hides Backdoor Worok: The big picture …

Read More about Worok APT

Updated on 2022-12-29
The Kimsuky APT group is behind a phishing attack that targeted nearly 900 foreign policy experts from South Korea. The attack was intended to steal their personal information and later execute ransomware attacks.
Read more: Emails impersonating journalists and National Assembly members' offices confirmed to be the work of a North Korean hacking group (original Korean title: 기자·국회의원실등 사칭 전자우편 발송사건, 북 해킹조직 소행으로 확인)

Updated on 2022-12-14: When Asking Nicely Is Easier Than …

Read More about Thallium Kimsuky APT Asking Nicely

Updated on 2022-12-08
Latest research by BlackBerry revealed that the Chinese state-sponsored Mustang Panda group is leveraging Russia-Ukraine war-related lures to attack Asia Pacific and European entities.
Read more: Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets

Updated on 2022-12-07
BlackBerry’s security team has a breakdown of a recent Mustang …

Read More about Bronze President / Red Delta / TA416 / Mustang Panda / Earth Preta APT