Tag: apt
-
Chinese ‘Tropic Trooper’ APT Targets Mideast Governments
In the past, the group has targeted different sectors in East and Southeast Asia, but recently has pivoted its focus to the Middle East, specifically … First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-tropic-trooper-apt-targets-mideast-governments
-
BlindEagle APT Targets Colombian Insurance with BlotchyQuasar RAT
Cybersecurity researchers at Zscaler ThreatLabz have uncovered a new wave of attacks by the BlindEagle APT group, this time zeroing in on the Colombia… First seen on securityonline.info Jump to article: securityonline.info/blindeagle-apt-targets-colombian-insurance-with-blotchyquasar-rat/
-
Taiwanese drone makers subjected to TIDRONE APT intrusions
Tags: apt. First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/taiwanese-drone-makers-subjected-to-tidrone-apt-intrusions
-
North Korea’s ‘Citrine Sleet’ APT Exploits Zero-Day Chromium Bug
Microsoft warned that the DPRK’s latest innovative tack chains together previously unknown browser issues, then adds a rootkit to the mix to gain deep… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/north-korean-apt-exploits-novel-chromium-windows-bugs-steal-crypto
-
Chinese APT Exploits Versa Networks Zero-Day Flaw
The vulnerability impacts versions of Versa Director prior to 22.1.4, and Versa Networks recommends that impacted users update to the fixed version as… First seen on duo.com Jump to article: duo.com/decipher/chinese-apt-exploits-versa-networks-zero-day-flaw
-
TIDRONE APT targets drone manufacturers in Taiwan
A previously undocumented threat actor tracked as TIDRONE targets organizations in military and satellite industries in Taiwan. Trend Micro spotted an al… First seen on securityaffairs.com Jump to article: securityaffairs.com/168210/apt/tidrone-targets-organizations-taiwan.html
-
Commercial Spyware Vendors Have a Copycat in Top Russian APT
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/commercial-spyware-vendors-copycat-russian-apt
-
Tropic Trooper Attacks Government Organizations to Steal Sensitive Data
Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group, and it has been active since 2011. This APT group pr… First seen on gbhackers.com Jump to article: gbhackers.com/tropic-trooper-attack-steal-sensitive-data/
-
Chinese cyber attack sparks alert over six-year-old MS vuln
After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exp… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366599914/Chinese-cyber-attack-sparks-alert-over-six-year-old-MS-vuln
-
South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel
The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execu… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/south-korean-apt-exploits-1-click-wps-office-bug-nabs-chinese-intel
-
Gamaredon APT Launches Spear-Phishing Campaign Targeting Ukrainian Military
A sophisticated spear-phishing campaign orchestrated by the Gamaredon APT group has emerged as a threat to Ukrainian military personnel. Cyble Researc… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/gamaredon-campaign/
-
Researchers Unpacked AvNeutralizer EDR Killer Used By FIN7 Group
FIN7 (aka Carbon Spider, ELBRUS, Sangria Tempest) is a Russian APT group that is primarily known for targeting the U.S. retail, restaurant, and hospit… First seen on gbhackers.com Jump to article: gbhackers.com/avneutralizer-edr-killer-unpacked/
-
APT60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
A South Korea-aligned cyber espionage group has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WP… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html
-
Chinese APT sets sights on Middle East government orgs
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/chinese-apt-sets-sights-on-middle-east-government-orgs
-
Researcher Identifies ToddyCat-Inspired APT Attack Leveraging ICMP Backdoor and Microsoft Exchange Flaws
Cybersecurity researchers at Kaspersky’s Global Emergency Response Team (GERT) have uncovered a sophisticated attack involving an ICMP backdoor, beari… First seen on securityonline.info Jump to article: securityonline.info/researcher-identifies-toddycat-inspired-apt-attack-leveraging-icmp-backdoor-and-microsoft-exchange-flaws/
-
ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor
ToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military entities in Europe and Asia. T… First seen on gbhackers.com Jump to article: gbhackers.com/toddycat-apt-exploits/
-
CVE-2024-7971: North Korean APT Citrine Sleet Exploits Chromium Zero-Day
In a recent cybersecurity report, Microsoft Threat Intelligence has revealed that a North Korean threat actor, believed to be Citrine Sleet, has been … First seen on securityonline.info Jump to article: securityonline.info/cve-2024-7971-north-korean-apt-citrine-sleet-exploits-chromium-zero-day/
-
Czech Officials Targeted in Sophisticated Malware Campaign Disguised as NATO Documents
Seqrite Labs APT-Team has uncovered a sophisticated malware campaign, dubbed “Operation Oxidový,”…
-
North Korean APT Exploits Novel Chromium, Windows Bugs to Steal Crypto
First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/north-korean-apt-exploits-novel-chromium-windows-bugs-steal-crypto
-
Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewa… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/01/week-in-review-sonicwall-critical-firewalls-flaw-fixed-apt-exploits-wps-office-for-windows-rce/
-
Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day
Redmond’s threat intel team said exploitation of CVE-2024-7971 can be attributed to a North Korean APT targeting the cryptocurrency sector for financi… First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-says-north-korean-cryptocurrency-thieves-behind-chrome-zero-day/
-
Operation DevilTiger: APT12’s Shadowy Tactics and Zero-Day Exploits Unveiled
The QiAnXin Threat Intelligence Center has disclosed the technical details of a sophisticated cyber espionage campaign dubbed “Operation DevilTiger,”…
-
North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit
North Korea-linked APT exploited the recently patched Google Chrome zero-day CVE-2024-7971 to deploy the FudModule rootkit. North Korea-linked group C… First seen on securityaffairs.com Jump to article: securityaffairs.com/167848/breaking-news/north-korea-linked-apt-exploited-chrome-zero-day-cve-2024-7971.html
-
South Korea-linked group APT-C-60 exploited a WPS Office zero-day
South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group A… First seen on securityaffairs.com Jump to article: securityaffairs.com/167825/hacking/apt-c-60-wps-office-zero-day.html
-
Operation DevilTiger, APT Hackers 0-Day Exploitation Tactics Exposed
The APT-Q-12 group, also known as Pseudo Hunter, is a Northeast Asian threat actor linked to Darkhotel, which primarily targets East Asian countries, … First seen on gbhackers.com Jump to article: gbhackers.com/deviltiger-apt-zero-day/
-
Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa
Google TAG publishes evidence showing identical or striking similarities between exploits used by Russia’s APT29 and commercial spyware vendors. The p… First seen on securityweek.com Jump to article: www.securityweek.com/google-catches-russian-apt-re-using-exploits-from-spyware-merchants-nso-group-intellexa/
-
South Korean hackers exploited WPS Office zero-day to deploy malware
The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apt-c-60-hackers-exploited-wps-office-zero-day-to-deploy-spyglace-malware/
-
APT group Muddy Water attacks MSPs
… insight into the murky world of cyber espionage and other growing threats that managed service providers – and their customers… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2023/05/02/apt-gruppe-muddy-water-attackiert-msps/
-
ESET Uncovers Zero-Day Vulnerabilities in WPS Office, Exploited by APT-C-60
ESET researchers have identified two severe vulnerabilities in WPS Office for Windows, widely exploited by the APT-C-60 cyberespionage group, which is… First seen on securityonline.info Jump to article: securityonline.info/eset-uncovers-zero-day-vulnerabilities-in-wps-office-exploited-by-apt-c-60/
-
APT group Evasive Panda distributes malware as updates for popular Chinese software
…arch uncovers a campaign by the APT group known as Evasive Panda, which attacks an international NGO in China with malware. The malware is delivered via up… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2023/04/26/apt-gruppe-evasive-panda-verteilt-malware-als-updates-beliebter-chinesischer-software/

