APT

Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)

05/12/2023 at 17:47 By Helga Labus

Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and private entities in Poland, Polish Cyber Command has warned. Compromising email accounts and maintaining […]


Sandworm hackers incapacitated Ukrainian power grid amid missile strike

09/11/2023 at 19:17 By Helga Labus

Russia-backed APT group Sandworm is behind the cyberattack that caused disruption of parts of the Ukrainian power grid in late 2022, according to Mandiant. About Sandworm “Sandworm is a threat actor that has carried out cyber operations in support of


DoNot APT expands its arsenal to spy on victim’s VoIP calls

01/11/2023 at 17:17 By cybleinc

Cyble analyzes the latest version of Android malware used by the DoNot APT group in their espionage campaign. The post DoNot APT expands its arsenal to spy on victim’s VoIP calls appeared first on Cyble. This article is an


Higaisa APT Resurfaces via Phishing Website targeting Chinese Users

26/10/2023 at 13:46 By cybleinc

CRIL analyzes Higaisa APT targeting Chinese users through phishing websites to deliver a Rust-based Shellcode Loader. The post Higaisa APT Resurfaces via Phishing Website targeting Chinese Users appeared first on Cyble. This article is an excerpt from Cyble.


‘YoroTrooper’ Espionage Group Linked to Kazakhstan

25/10/2023 at 23:46 By Ionut Arghire

Cisco links the espionage-focused ‘YoroTrooper’ threat actor to Kazakhstan. The post ‘YoroTrooper’ Espionage Group Linked to Kazakhstan appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed.


Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)

25/10/2023 at 14:46 By Zeljka Zorz

The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental entities and a think tank, according to ESET researchers. “Exploitation of the XSS vulnerability can


Bracing for AI-enabled ransomware and cyber extortion attacks

24/10/2023 at 07:37 By Help Net Security

AI has been the shiniest thing in tech since at least November 2022, when ChatGPT was made available to the masses and unveiled the transformative potential of large language models for all the world to see. As businesses scramble to


North Korean hackers are targeting software developers and impersonating IT workers

20/10/2023 at 13:52 By Helga Labus

State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies looking for IT workers. North Korean hackers targeting developers Microsoft has outlined on Wednesday how


Aptos resumes operation after 5-hour outage that ‘impacted’ transactions

19/10/2023 at 09:01 By Cointelegraph By Martin Young

Aptos suffered a five-hour outage, coincidentally in the same week that the network launched this time last year. This article is an excerpt from Cointelegraph.com News.


State-sponsored APTs are leveraging WinRAR bug

18/10/2023 at 18:21 By Zeljka Zorz

A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. CVE-2023-38831 was patched in August 2023, along with another high-severity RCE vulnerability (CVE-2023-40477). Exploited as a zero-day by cybercriminals


Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers

10/10/2023 at 17:03 By cybleinc

CRIL analyzes Mythic’s Athena Agent targeting Russian Semiconductor suppliers via spear-phishing emails. The post Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers appeared first on Cyble. This article is an excerpt from Cyble.


Lazarus impersonated Meta recruiter to breach Spanish aerospace firm

02/10/2023 at 11:48 By Help Net Security

Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by masquerading as a recruiter for Meta — the company behind Facebook, Instagram,


Crypto exchange Upbit stems fake APT token flood, resumes services

25/09/2023 at 06:03 By Cointelegraph By Brayden Lindrea

The newly created fake APT token called “ClaimAPTGift.com” made its way to 400,000 Aptos wallets, and users found they were able to deposit and sell it on the exchange. This article is an excerpt from Cointelegraph.com News


New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware

21/09/2023 at 23:32 By Ryan Naraine

New and mysterious APT Sandman spotted targeting telcos in Europe and Asia as part of a cyberespionage campaign. The post New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware appeared first on SecurityWeek. This article is an excerpt


How Next-Gen Threats Are Taking a Page From APTs

13/09/2023 at 18:49 By Derek Manky

Cybercriminals are increasingly trying to find ways to get around security, detection, intelligence and controls as APTs start to merge with conventional cybercrime. The post How Next-Gen Threats Are Taking a Page From APTs appeared first on SecurityWeek. This article


Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes

07/09/2023 at 00:03 By Ryan Naraine

Microsoft reveals how a crash dump from 2021 inadvertently exposed a key that Chinese cyberspies later leveraged to hack US government emails. The post Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes appeared first on


APTs use of lesser-known TTPs are no less of a headache

14/08/2023 at 08:32 By Help Net Security

APT (advanced persistent threat) attacks were once considered to be primarily a problem for large corporations, but the number of these (often state-sponsored) attacks against small- and medium-sized businesses has increased significantly. Everyone is fair game, and


Russian APT phished government employees via Microsoft Teams

03/08/2023 at 15:17 By Zeljka Zorz

An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft


Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack

02/08/2023 at 09:31 By Eduard Kovacs

The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023. The post Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack appeared


Iran-Run ISP ‘Cloudzy’ Caught Supporting Nation-State APTs, Cybercrime Hacking Groups

01/08/2023 at 20:15 By Ionut Arghire

Researchers unmask an Iranian-run company providing command-and-control services to hacking groups, including state-sponsored APT actors. The post Iran-Run ISP ‘Cloudzy’ Caught Supporting Nation-State APTs, Cybercrime Hacking Groups appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
