Tag: apt
-
12 digital forensics certifications to accelerate your cyber career
Tags: access, apt, attack, browser, chrome, cloud, computer, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, email, endpoint, exploit, google, government, group, hacker, hacking, Hardware, incident response, international, jobs, law, malicious, malware, microsoft, mobile, network, phone, service, skills, soc, technology, threat, tool, training, windows
Cellebrite Certified Mobile Examiner (CCME), Certified Computer Examiner (CCE), CyberSecurity Forensic Analyst (CSFA), EC-Council Computer Hacking Forensic Investigator (CHFI), EnCase Certified Examiner (EnCE), Exterro AccessData Certified Examiner (ACE), GIAC Advanced Smartphone Forensics Certification (GASF), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Cloud Forensic Responder (GCFR), GIAC Network Forensic Analysis (GNFA), Magnet Certified Forensics Examiner (MCFE)
Cellebrite Certified Mobile Examiner (CCME) Out of…
-
EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military
The post EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/eggstreme-new-fileless-malware-from-a-chinese-apt-targets-philippine-military/
-
Cyberattack on Kazakhstan’s Largest Oil Company Was ‘Simulation’
Researchers thought a Russian APT used a compromised employee email to attack Kazakhstan’s biggest oil company. The company later confirmed it was a pen test. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-kazakhstan-largest-oil-company
-
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset
Bitdefender said the sophisticated multi-stage operation allowed attackers to maintain persistent access and steal sensitive data from a Philippines military company. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-apt-military-fileless/
-
APT Attack with a Chinese Background on a Military Company
Southeast Asia has for years been regarded as a geopolitical hotspot, not only because of territorial disputes in the South China Sea but increasingly also in the digital realm. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/apt-angriff-chinesisch-militaerunternehmen
-
EggStreme Malware Emerges With Fileless Techniques and DLL Sideloading Payloads
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads. The core component, EggStremeAgent, is a full-featured backdoor that enables extensive system reconnaissance, lateral movement, and data…
-
Russian APT Attacks Kazakhstan’s Largest Oil Company
Researchers say a likely Russian APT used a compromised employee email account to attack Kazakhstan’s biggest company, though the oil and gas firm claims it was a pen test. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-kazakhstan-largest-oil-company
-
Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware
Bitdefender uncovers EggStreme, a fileless malware by a China-based APT targeting the Philippine military and APAC organisations. Cybersecurity… First seen on hackread.com Jump to article: hackread.com/chinese-apt-philippine-military-eggstreme-fileless-malware/
-
Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems
An advanced persistent threat (APT) group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme. “This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads,” Bitdefender First seen on thehackernews.com Jump to…
-
APT Attack Against a Military Company in the Philippines
Southeast Asia may be geographically far away, but it is a central hotspot of geopolitics. It is therefore surely no coincidence that security researchers at Bitdefender Labs discovered attacks in this region in early 2024 involving a new, complex fileless malware toolset, , . The target was a Philippine military company, the sender apparently an APT group from China. The employed tactics, techniques and procedures (TTPs) of the…
-
Unmasking Salt Typhoon: A Report Exposes 45 New Domains from a Chinese APT Group
The post Unmasking Salt Typhoon: A Report Exposes 45 New Domains from a Chinese APT Group appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/unmasking-salt-typhoon-a-report-exposes-45-new-domains-from-a-chinese-apt-group/
-
Noisy Bear: A New APT Group Is Spying on Kazakhstan’s Energy Sector
The post Noisy Bear: A New APT Group Is Spying on Kazakhstan’s Energy Sector appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/noisy-bear-a-new-apt-group-is-spying-on-kazakhstans-energy-sector/
-
Cybersecurity Snapshot: Expert Advice for Securing Critical Infrastructure’s OT and Industrial Control Systems, IoT Devices and Network Infrastructure
Tags: access, advisory, apt, attack, authentication, breach, china, cisa, cisco, cloud, compliance, computer, computing, control, credentials, cryptography, cve, cyber, cybersecurity, data, defense, detection, espionage, exploit, firmware, framework, google, government, guide, hacker, Hardware, incident response, infrastructure, international, Internet, iot, login, mfa, military, mitigation, monitoring, network, nist, organized, password, phishing, ransomware, regulation, risk, russia, sans, service, software, technology, theft, threat, tool, update, vulnerability, zero-trust
Destructive cyber attacks against critical infrastructure have unfortunately become increasingly frequent. Just last week, multinational government agencies blared the alarm about a global cyber espionage campaign targeting critical infrastructure networks. With this type of cyber threat in the spotlight, we’re rounding up recent cyber advice for securing critical infrastructure. In case you missed it, here…
-
Chinese APT Groups Exploit Router Flaws to Breach Enterprises
Chinese state-sponsored Advanced Persistent Threat (APT) groups have escalated their cyber espionage campaigns, systematically targeting global telecommunications, government, and military networks through sophisticated router exploitation techniques since 2021. Since at least 2021, Chinese state-sponsored cyber actors have been conducting extensive, stealthy operations to infiltrate and control key network devices across critical sectors worldwide. These malicious…
-
Iran MOIS Phishes 50+ Embassies, Ministries, Int’l Orgs
The Homeland Justice APT tried spying on countries and organizations from six continents, using more than 100 hijacked email accounts. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/iran-mois-50-embassies-ministries-intl-orgs
-
They know where you are: Cybersecurity and the shadow world of geolocation
Geolocation is the invisible attack vector. From Stuxnet to today’s APTs, malware now lies dormant until it hits the right place, turning location data into a weapon. Acronis’ TRU explains why defenses must evolve beyond VPNs and perimeter controls. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/they-know-where-you-are-cybersecurity-and-the-shadow-world-of-geolocation/
-
Silver Fox APT Abuses Windows Driver in Active Campaign
Gap in Microsoft Blocklist Exploited, ValleyRAT Runs Undetected. A Chinese nation-state cyber group is exploiting a Microsoft-signed driver to shut down Windows security protections. The attackers deployed the driver through a custom loader. The core weakness that Silver Fox relied on remained exploitable even after patching. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/silver-fox-apt-abuses-windows-driver-in-active-campaign-a-29351
-
Silver Fox APT Exploits Signed Windows Driver to Deliver ValleyRAT
Check Point reports Silver Fox APT using a signed WatchDog driver flaw to disable Windows security and deliver… First seen on hackread.com Jump to article: hackread.com/silver-fox-apt-exploit-signed-windows-driver-valleyrat/
-
Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign
The post Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/operation-hankook-phantom-apt-37-targets-south-korean-institutions-with-lnk-based-espionage-campaign/
-
Silver Fox Exploits Signed Drivers to Deploy ValleyRAT Backdoor
Silver Fox APT abuses Microsoft-signed drivers to kill antivirus and deploy ValleyRAT remote-access backdoor. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/silver-fox-deploy-valleyrat/
-
APT Groups Weaponize Infostealer Malware in Precision Attacks
Tags: apt, attack, credentials, cyber, cybersecurity, espionage, group, intelligence, malware, threat, tool, warfare
The cybersecurity landscape has witnessed a dangerous evolution as Advanced Persistent Threat (APT) groups increasingly weaponize opportunistic infostealer malware for sophisticated espionage campaigns. What once served as broad-spectrum credential harvesting tools are now being repurposed into precision instruments of geopolitical warfare, targeting diplomatic institutions worldwide with devastating effectiveness. Recent threat intelligence from Hudson Rock’s Cavalier…
-
Dutch intelligence warn that China-linked APT Salt Typhoon targeted local critical infrastructure
Dutch intelligence reports Chinese cyber spies (Salt Typhoon, RedMike) targeted the Netherlands, hitting critical infrastructure. The Dutch intelligence and security services MIVD and AIVD say Chinese cyber spies linked to Salt Typhoon (RedMike) targeted the Netherlands in a campaign hitting global critical infrastructure. In late 2024, a large-scale Chinese cyberespionage campaign targeting global telecoms was…
-
Silver Fox Hackers Use Driver Vulnerability to Evade Security on Windows Systems
A sophisticated campaign by the Silver Fox APT group exploits a previously unknown vulnerable driver to bypass endpoint detection and response (EDR) and antivirus solutions on fully updated Windows 10 and 11 systems. Check Point Research (CPR) revealed on August 28, 2025, that the advanced persistent threat group has been leveraging the WatchDog Antimalware…
-
NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs
NSA and allies warn that Chinese APT actors, including Salt Typhoon, are targeting critical infrastructure worldwide. The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and allies warn Chinese APT actors, linked to Salt Typhoon, are targeting global telecom, government, transport, lodging, and military sectors. “The National Security Agency (NSA) and…
-
China linked UNC6384 targeted diplomats by hijacking web traffic
The China-linked APT group UNC6384 targeted diplomats by hijacking web traffic to redirect it to a website that delivered malware. China-linked cyberespionage group UNC6384 targeted diplomats by hijacking web traffic to redirect to a website used to deliver malware, Google’s Threat Intelligence Group (GTIG) warns. Cyberspies hijacked a network’s captive portal using an advanced adversary-in-the-middle…
-
NSA, FBI, Others Say Chinese Tech Firms are Aiding Salt Typhoon Attacks
A report from intelligence agencies in the U.S., UK, and elsewhere outlined how three Chinese tech firms are supplying China’s intelligence services with products and services that are being used in global campaigns by the state-sponsored APT group Salt Typhoon. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/nsa-fbi-others-say-chinese-tech-firms-are-aiding-salt-typhoon-attacks/

