Tag: apt

North Korean Kimusky Group Attacking University Professors

Aug 12, 2024 2:37 PM

Tags: apt, dmarc, exploit, group, north-korea, phishing, social-engineering

Kimsuky, a North Korean APT group, employs targeted phishing campaigns, leveraging DMARC exploitation to conceal social engineering, infiltrate univer… First seen on gbhackers.com Jump to article: gbhackers.com/north-korean-kimusky-group/
StormBamboo APT Targets ISPs, Spreads Malware via Software Updates

Aug 8, 2024 7:36 PM

Tags: apt, malware, software, update

First seen on hackread.com Jump to article: hackread.com/stormbamboo-apt-isps-malware-via-software-updates/
New APT Group Actor240524: A Closer Look at Its Cyber Tactics Against Azerbaijan and Israel

Aug 8, 2024 2:36 PM

Tags: apt, attack, cyber, group, tactics, threat

Overview Leveraging NSFOCUS’s Global Threat Hunting System, NSFOCUS Security Labs (NSL) captured an attack campaign targeting Azerbaijan and Israel on… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/new-apt-group-actor240524-a-closer-look-at-its-cyber-tactics-against-azerbaijan-and-israel/
Chinese hackers compromised an ISP to deliver malicious software updates

Aug 7, 2024 5:36 AM

Tags: apt, china, dns, hacker, Internet, malicious, malware, service, software, update

APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Vole… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/05/compromised-isp-dns-malware/
Chinese StormBamboo APT compromised ISP to deliver malware

Aug 7, 2024 4:36 AM

Tags: apt, china, Internet, malware, service, update

A China-linked APT, tracked as StormBamboo, compromised an internet service provider (ISP) to poison software update mechanisms with malware. Volexity… First seen on securityaffairs.com Jump to article: securityaffairs.com/166552/apt/stormbamboo-compromised-isp-malware.html
Hackers Infect Windows With Backdoor Malware Via >>Car For Sale<< Ad

Aug 6, 2024 3:36 PM

Tags: apt, backdoor, malware, phishing, russia, windows

Fighting Ursa, a Russian APT, has employed a car sales phishing lure to distribute the HeadLace backdoor malware targeting diplomats since March 2024…. First seen on gbhackers.com Jump to article: gbhackers.com/hackers-infect-windows-car-ad/
Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware

Aug 6, 2024 9:36 AM

Tags: apt, backdoor, malware, phishing, russia, windows

A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. Palo Alto researchers reported that … First seen on securityaffairs.com Jump to article: securityaffairs.com/166496/apt/russia-apt-headlace-malware.html
SideWinder APT Group Sets Sights on Ports and Maritime Facilities in Espionage Campaign

Aug 5, 2024 3:33 AM

Tags: apt, espionage, group, india, threat

The notorious nation-state threat actor SideWinder has launched a sophisticated new campaign targeting ports and maritime facilities in the Indian Oce… First seen on securityonline.info Jump to article: securityonline.info/sidewinder-apt-group-sets-sights-on-ports-and-maritime-facilities-in-espionage-campaign/
SideWinder phishing campaign targets maritime facilities in multiple countries

Aug 2, 2024 7:36 AM

Tags: apt, espionage, group, india, phishing

The APT group SideWinder launched a new espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. SideWind… First seen on securityaffairs.com Jump to article: securityaffairs.com/166325/breaking-news/sidewinder-phishing-campaign-maritime-facilities.html
China’s ‘Evasive Panda’ APT Spies on Taiwan Targets Across Platforms

Jul 31, 2024 9:36 PM

Tags: apt, china

First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/china-evasive-panda-apt-spies-taiwan-targets-across-platforms
Indian APT Targeting Mediterranean Ports and Maritime Facilities

Jul 31, 2024 4:35 PM

Tags: apt, india

The SideWinder APT has been targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea in recent attacks. The post Indian APT T… First seen on securityweek.com Jump to article: www.securityweek.com/indian-apt-targeting-mediterranean-ports-and-maritime-facilities/
Belarus-linked APT Ghostwriter targeted Ukraine with PicassoLoader malware

Jul 31, 2024 2:35 PM

Tags: apt, group, malicious, malware, ukraine

Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious … First seen on securityaffairs.com Jump to article: securityaffairs.com/166265/intelligence/belarus-apt-ghostwriter-targeted-ukraine.html
APT-Hacker aus China: Cyberspion verteilt nebenbei Items an MMORPG-Spieler

Jul 31, 2024 8:38 AM

Tags: apt, china, hacker

Neben seiner Spionagetätigkeit hat ein chinesischer APT-Akteur wohl MMORPG-Spielefirmen gehackt, um Youtube- und Twitch-Streamern Vorteile zu verschaf… First seen on golem.de Jump to article: www.golem.de/news/apt-hacker-aus-china-cyberspion-verteilt-nebenbei-items-an-mmorpg-spieler-2407-187297.html
China-linked APT group uses new Macma macOS backdoor version

Jul 28, 2024 4:36 PM

Tags: apt, backdoor, china, group, macOS

China-linked APT group Daggerfly (aka Evasive Panda, Bronze Highland) Evasive Panda has been spotted using an updated version of the macOS backdoor Ma… First seen on securityaffairs.com Jump to article: securityaffairs.com/166102/apt/daggerfly-macma-macos-backdoor.html
Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer

Jul 25, 2024 8:40 AM

Tags: apt, exploit, flaw, group, microsoft, threat

An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML b… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/void-banshee-apt-exploits-microsoft.html
Kimsuky APT: New TTPs Revealed in Rapid7 Cybersecurity Report

Jul 25, 2024 8:37 AM

Tags: apt, cybersecurity, tactics

Rapid7, a leading cybersecurity firm, has released a comprehensive report detailing the evolving tactics, techniques, and procedures (TTPs) of the Kim… First seen on securityonline.info Jump to article: securityonline.info/kimsuky-apt-new-ttps-revealed-in-rapid7-cybersecurity-report/
TransparentTribe’s Spear-Phishing Targeting Indian Government Departments

Jul 24, 2024 3:40 PM

Tags: apt, attack, email, government, group, india, phishing, spear-phishing, threat

Overview Leveraging our global threat hunting system, NSFOCUS Security Research Labs discovered spear-phishing email attacks by the APT group Transpar… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/transparenttribes-spear-phishing-targeting-indian-government-departments/
SEXi-Hacker attackieren ESXi unter neuem Namen

Jul 24, 2024 11:41 AM

Tags: apt, hacker, ransomware

Die seit April als SEXi bekannte Ransomwaregruppe nennt sich neuerdings APT Inc. Sie hat es primär auf ESXi-Server abgesehen, manchmal aber auch auf W… First seen on golem.de Jump to article: www.golem.de/news/ransomware-sexi-hacker-attackieren-esxi-unter-neuem-namen-2407-187119.html
MHTML Exploited By APT Group Void Banshee

Jul 23, 2024 9:40 AM

Tags: apt, exploit, group

First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cve-2024-38112-exploited-void/
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks

Jul 22, 2024 10:40 PM

Tags: apt, attack, exploit, microsoft, phishing, spear-phishing, zero-day

First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/void-banshee-apt-microsoft-zero-day-spear-phishing-attacks
SEXi Ransomware Rebrands as ‘APT Inc.,’ Keeps Old Methods

Jul 22, 2024 6:40 PM

Tags: apt, ransomware

First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sexi-ransomware-rebrands-maintains-original-methods-of-operation
Iran’s MuddyWater APT targets Saudis and Israelis with BugSleep Backdoor

Jul 21, 2024 11:39 PM

Tags: apt, backdoor, iran

First seen on hackread.com Jump to article: hackread.com/iran-muddywater-saudi-israel-bugsleep-backdoor/
Void Banshee exploits CVE-2024-38112 zero-day to spread malware

Jul 20, 2024 7:39 PM

Tags: apt, cve, exploit, group, Internet, malware, windows, zero-day

Void Banshee APT group exploited the Windows zero-day CVE-2024-38112 to execute code via the disabled Internet Explorer. An APT group tracked as Void … First seen on securityaffairs.com Jump to article: securityaffairs.com/165832/apt/void-banshee-cve-2024-38112-zero-day-attacks.html
Italy targeted by Chinese APT attacks

Jul 19, 2024 8:55 PM

Tags: apt, attack, china

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/italy-targeted-by-chinese-apt-attacks
Void Banshee APT exploited >>lingering Windows relic<< in zero-day attacks

Jul 19, 2024 4:10 AM

Tags: apt, attack, cve, exploit, group, vulnerability, windows, zero-day

The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/16/cve-2024-38112-void-banshee/
New APT Group CloudSorcerer Targets Russian Government Entities

Jul 18, 2024 1:10 PM

Tags: apt, government, group, russia, threat

A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by lever… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/new-apt-group-cloudsorcerer-targets.html
Void Banshee Group Used ‘Windows Relic’ IE in Phishing Campaign

Jul 18, 2024 10:10 AM

Tags: apt, exploit, flaw, group, Internet, phishing, windows

The APT group Void Banshee exploited a now-patched Windows security flaw and the retired Internet Explorer browser to distributed the Atlantida malwar… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/void-banshee-group-used-windows-relic-ie-in-phishing-campaign/
Houthi-Aligned APT Targets Mideast Militaries With ‘GuardZoo’ Spyware

Jul 17, 2024 4:56 PM

Tags: apt, spyware

First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/houthi-aligned-apt-targets-middle-east-militaries-spyware
SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks

Jul 17, 2024 3:55 PM

Tags: apt, attack, ransomware, vmware

The SEXi ransomware operation, known for targeting VMware ESXi servers, has rebranded under the name APT INC and has targeted numerous organizations i… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sexi-ransomware-rebrands-to-apt-inc-continues-vmware-esxi-attacks/
Tick APT-Gruppe attackiert DLP-Softwareentwickler in Ostasien

Jul 17, 2024 2:55 PM

Tags: apt, tool

arch hat eine Kampagne der APT-Gruppe Tick gegen ein Unternehmen in Ostasien aufgedeckt und ein bisher unbekanntes Tool gefunden, das von der Gruppe v… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2023/03/14/tick-apt-gruppe-attackiert-dlp-softwareentwickler-in-ostasien/