Tag: apt
-
APT Just Means Another Path Traversal
New Zero Day in Palo Alto GlobalProtect VPN Appliances Introduction On April 12th, Volexity announced they discovered zero day exploitation occurring … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/apt-just-means-another-path-traversal/
-
Cyber Espionage: Turla APT Hackers Attack European Organization With Backdoor
Cybersecurity experts have uncovered a failed attempt by the notorious Russia-based Turla Advanced Persistent Threat (APT) group to infiltrate an Alba… First seen on gbhackers.com Jump to article: gbhackers.com/cyber-espionage-turla-apt-hackers-attack-european-organization-with-backdoor/
-
Vedalia APT Group Exploits Oversized LNK Files to Deliver Malware
The Vedalia Advanced Persistent Threat (APT) group, also known by its alias Konni, has been distributing malware using an innovative technique involvi… First seen on gbhackers.com Jump to article: gbhackers.com/vedalia-apt-group-exploits/
-
Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries
Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/two-chinese-apt-groups-ramp-up-cyber.html
-
APT Group TA450: Hackers Attack Israel
According to a security vendor, the hacker group TA450, which is said to be linked to Iran, has its attack tactics against Israeli compan… First seen on csoonline.com Jump to article: www.csoonline.com/de/a/hacker-attackieren-israel
-
Saudi Arabia, UAE Top List of APT-Targeted Nations in the Middle East
Government, manufacturing, and the energy industry are the top targets of advanced, persistent threat actors, with phishing attacks and remote exploit… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/saudi-arabia-uae-top-list-of-apt-targeted-nations-in-middle-east
-
Russian APT Releases More Deadly Variant of AcidRain Wiper Malware
First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-releases-more-deadly-variant-of-acidrain-wiper-malware
-
Iran-Linked APT TA450 embeds malicious links in PDF attachments
In recent campaigns, Iran-linked APT group MuddyWater used a legitimate Remote Monitoring and Management (RMM) solution called Atera. Proofpoint resea… First seen on securityaffairs.com Jump to article: securityaffairs.com/161042/apt/iran-ta450-rmm-atera.html
-
iSoon Leak Shows Links to Chinese APT Groups
The Firm Is Operating Alongside RedHotel, RedAlpha and Poison Carp. Chinese hacking contractor iSoon supported three separate cyberespionage operation… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/isoon-leak-shows-links-to-chinese-apt-groups-a-24713
-
Cozy Bear and other APTs changing tack as cloud adoption increases
First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366571339/Cozy-Bear-and-other-APTs-changing-tack-as-cloud-adoption-increases
-
Chinese APT ‘Earth Krahang’ Compromises 48 Gov’t Orgs on 5 Continents
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinese-apt-earth-krahang-compromised-48-gov-orgs-5-continents
-
Five Eyes Agencies Issue New Alert on Chinese APT Volt Typhoon
Government agencies in the Five Eyes countries warn critical infrastructure entities of Chinese state-sponsored hacking group Volt Typhoon. The post n… First seen on securityweek.com Jump to article: www.securityweek.com/five-eyes-agencies-issue-new-alert-on-chinese-apt-volt-typhoon/
-
Chinese APT Hacks 48 Government Organizations
Earth Krahang, likely a penetration team of Chinese government contractor I-Soon, has compromised 48 government entities worldwide. The post ahang, li… First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-hacks-48-government-organizations/
-
Earth Krahang APT breached tens of government organizations worldwide
Trend Micro uncovered a sophisticated campaign conducted by Earth Krahang APT group that breached 70 organizations worldwide. Trend Micro researchers … First seen on securityaffairs.com Jump to article: securityaffairs.com/160702/apt/earth-krahang-apt.html
-
Lazarus APT group returned to Tornado Cash to launder stolen funds
North Korea-linked Lazarus APT group is allegedly again using the mixer platform Tornado Cash to launder $23 million. North Korea-linked Lazarus APT gro… First seen on securityaffairs.com Jump to article: securityaffairs.com/160525/breaking-news/lazarus-apt-returned-tornado-cash.html
-
Russia-Sponsored Cyberattackers Infiltrate Microsoft’s Code Base
The Midnight Blizzard APT is mounting a sustained, focused cyber campaign against the computing kahuna, using secrets it stole from emails back in Jan… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russia-sponsored-cyberattackers-infiltrate-microsoft-s-code-base
-
Chinese Panda APT Hacking Websites To Infect Windows And MacOS Users
Evasive Panda dubbed BRONZE HIGHLAND and Daggerfly, a Chinese-speaking APT group operating since at least 2012, has been spotted conducting cyber… First seen on gbhackers.com Jump to article: gbhackers.com/china-panda-apt-malware-attack/
-
New APT Group ‘Lotus Bane’ Behind Recent Attacks on Vietnam’s Financial Entities
A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapo… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/new-apt-group-lotus-bane-behind-recent.html
-
ScreenConnect flaws exploited to drop new ToddlerShark malware
The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a n… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/screenconnect-flaws-exploited-to-drop-new-toddlershark-malware/
-
ScreenConnect flaws exploited to drop new ToddleShark malware
The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a n… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/screenconnect-flaws-exploited-to-drop-new-toddleshark-malware/
-
Complete Guide to Advanced Persistent Threat (APT) Security
This is what an advanced persistent threat (APT) attack is like. APTs are sophisticated, targeted cyberattacks designed to evade detection and steal s… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/03/complete-guide-to-advanced-persistent-threat-apt-security/
-
Chinese APT Developing Exploits to Defeat Already Patched Ivanti Users
More bad news for Ivanti customers: soon, even if you’ve patched, you still might not be safe from relentless attacks from high-level Chinese threat a… First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/chinese-apt-exploits-defeat-patched-ivanti-users
-
‘Voltzite’ Zaps African Utilities as Part of Volt Typhoon’s Onslaught
The China-backed APT that’s been trying to set itself up inside US critical infrastructure for the purpose of disrupting physical processes is deployi… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/voltzite-zaps-african-utilities-volt-typhoon-onslaught
-
iSoon’s Secret APT Status Exposes China’s Foreign Hacking Machinations
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/-isoon-contractor-helps-the-prc-hack-foreign-governments-companies
-
Iranian APTs Dress Up as Hacktivists for Disruption, Influence Ops
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/iranian-apts-dress-up-as-hacktivists-for-disruption-influence-ops
-
Russian APT ‘Winter Vivern’ Targets European Government, Military
TAG-70’s sophisticated espionage campaign targeted a range of geopolitical targets, suggesting a highly capable and well-funded state-backed threat ac… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-winter-vivern-targets-european-government-military
-
Blow Against Hacker Group APT 28: Cyber-Espionage Platform Built from Wi-Fi Routers Shut Down
On behalf of the Russian military intelligence service (GRU), the hacker group APT 28 had malware on hundreds of routers in offices and private househol… First seen on csoonline.com Jump to article: www.csoonline.com/de/a/cyberspionage-plattform-aus-wlan-routern-abgeschaltet
-
U.S. authorities disrupt Russian intelligence’s botnet
In January 2024, an operation dismantled a network of hundreds of SOHO routers controlled by GRU Military Unit 26165, also known as APT 28, Sofacy Gro… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/02/16/us-authorities-disrupt-russian-intelligence-botnet/
-
Russian APT Turla Wields Novel Backdoor Malware Against Polish NGOs
A spate of recent cyber-espionage attacks showcases Turla’s brand-new modular custom malware, and an expansion of the state-sponsored group’s scope of… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

