‘YoroTrooper’ Espionage Group Linked to Kazakhstan 25/10/2023 at 23:46 By Ionut Arghire Cisco links the espionage-focused ‘YoroTrooper’ threat actor to Kazakhstan. The post ‘YoroTrooper’ Espionage Group Linked to Kazakhstan appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
‘YoroTrooper’ Espionage Group Linked to Kazakhstan Read More »
Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631) 25/10/2023 at 14:46 By Zeljka Zorz The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental entities and a think tank, according to ESET researchers. “Exploitation of the XSS vulnerability can
Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631) Read More »
Bracing for AI-enabled ransomware and cyber extortion attacks 24/10/2023 at 07:37 By Help Net Security AI has been the shiniest thing in tech since at least November 2022, when ChatGPT was made available to the masses and unveiled the transformative potential of large language models for all the world to see. As businesses scramble to
Bracing for AI-enabled ransomware and cyber extortion attacks Read More »
North Korean hackers are targeting software developers and impersonating IT workers 20/10/2023 at 13:52 By Helga Labus State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies lookind for IT workers. North Korean hackers targeting developers Microsoft has outlined on Wednesday how
North Korean hackers are targeting software developers and impersonating IT workers Read More »
Aptos resumes operation after 5-hour outage that ‘impacted’ transactions 19/10/2023 at 09:01 By Cointelegraph By Martin Young Aptos suffered a five-hour outage, coincidentally in the same week that the network launched this time last year. This article is an excerpt from Cointelegraph.com News View Original Source
Aptos resumes operation after 5-hour outage that ‘impacted’ transactions Read More »
State-sponsored APTs are leveraging WinRAR bug 18/10/2023 at 18:21 By Zeljka Zorz A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. CVE-2023-38831 has been patched in August 2023, along with another high-severity RCE vulnerability (CVE-2023-40477). Exploited as a zero-day by cybercriminals
State-sponsored APTs are leveraging WinRAR bug Read More »
Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers 10/10/2023 at 17:03 By cybleinc CRIL analyzes Mythic’s Athena Agent targeting Russian Semiconductor suppliers via spear-phishing emails. The post Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers appeared first on Cyble. This article is an excerpt from Cyble View Original Source
Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers Read More »
Lazarus impersonated Meta recruiter to breach Spanish aerospace firm 02/10/2023 at 11:48 By Help Net Security Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by masquerading as a recruiter for Meta — the company behind Facebook, Instagram,
Lazarus impersonated Meta recruiter to breach Spanish aerospace firm Read More »
Crypto exchange Upbit stems fake APT token flood, resumes services 25/09/2023 at 06:03 By Cointelegraph By Brayden Lindrea The newly created fake APT token called “ClaimAPTGift.com” made its way to 400,000 Aptos wallets, and users found they were able to deposit and sell it on the exchange. This article is an excerpt from Cointelegraph.com News
Crypto exchange Upbit stems fake APT token flood, resumes services Read More »
New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware 21/09/2023 at 23:32 By Ryan Naraine New and mysterious APT Sandman spotted targeting telcos in Europe and Asia as part of a cyberespionage campaign. The post New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware appeared first on SecurityWeek. This article is an excerpt
New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware Read More »
How Next-Gen Threats Are Taking a Page From APTs 13/09/2023 at 18:49 By Derek Manky Cybercriminals are increasingly trying to find ways to get around security, detection, intelligence and controls as APTs start to merge with conventional cybercrime. The post How Next-Gen Threats Are Taking a Page From APTs appeared first on SecurityWeek. This article
How Next-Gen Threats Are Taking a Page From APTs Read More »
Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes 07/09/2023 at 00:03 By Ryan Naraine Microsoft reveals how a crash dump from 2021 inadvertently exposed a key that Chinese cyberspies later leveraged to hack US government emails. The post Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes appeared first on
Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes Read More »
APTs use of lesser-known TTPs are no less of a headache 14/08/2023 at 08:32 By Help Net Security APT (advanced persistent threat) attacks were once considered to be primarily a problem for large corporations, but the number of these (often state-sponsored) attacks against small- and medium-sized businesses has increased significantly. Everyone is fair game, and
APTs use of lesser-known TTPs are no less of a headache Read More »
Russian APT phished government employees via Microsoft Teams 03/08/2023 at 15:17 By Zeljka Zorz An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft
Russian APT phished government employees via Microsoft Teams Read More »
Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack 02/08/2023 at 09:31 By Eduard Kovacs The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023. The post Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack appeared
Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack Read More »
Iran-Run ISP ‘Cloudzy’ Caught Supporting Nation-State APTs, Cybercrime Hacking Groups 01/08/2023 at 20:15 By Ionut Arghire Researchers unmask an Iranian-run company providing command-and-control services to hacking groups, including state-sponsored APT actors. The post Iran-Run ISP ‘Cloudzy’ Caught Supporting Nation-State APTs, Cybercrime Hacking Groups appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
Iran-Run ISP ‘Cloudzy’ Caught Supporting Nation-State APTs, Cybercrime Hacking Groups Read More »
North Korean hackers targeted tech companies through JumpCloud and GitHub 21/07/2023 at 16:03 By Helga Labus North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech employees on GitHub through a social engineering campaign. The JumpCloud intrusion On June 27, JumpCloud
North Korean hackers targeted tech companies through JumpCloud and GitHub Read More »
Microsoft Exchange servers compromised by Turla APT 20/07/2023 at 15:17 By Helga Labus Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT Turla (aka Secret Blizzard, Snake, UAC-0003) is a sophisticated and
Microsoft Exchange servers compromised by Turla APT Read More »
Thanks Storm-0558! Microsoft to expand default access to cloud logs 20/07/2023 at 13:31 By Zeljka Zorz Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have announced on Wednesday. The announcements come
Thanks Storm-0558! Microsoft to expand default access to cloud logs Read More »
Rapid7: Japan Threat Landscape Takes on Global Significance 29/06/2023 at 18:46 By Kevin Townsend Rapid7 analyzes the Japan threat landscape and warns that attacks against the third-largest economy in the world have global consequences. The post Rapid7: Japan Threat Landscape Takes on Global Significance appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
Rapid7: Japan Threat Landscape Takes on Global Significance Read More »