Tag: group
-
European authorities crack down on illegal streaming networks
Officials said they dismantled nine organized crime groups and removed more than 27,000 URLs hosting live sports and other copyrighted media during a seven-month operation. First seen on cyberscoop.com Jump to article: cyberscoop.com/europol-piracy-streaming-crackdown-operation-kratos2/
-
Chinese hackers use new Atlas RAT malware in European cyberattacks
A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-use-new-atlas-rat-malware-in-european-cyberattacks/
-
Tropical Blend: Cyber & Politics Ramp Up Across Latin America
China-linked espionage groups have attacked at least a dozen nations in the region, gathering information on maritime shipping, oil production, and other geopolitical interests. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/nation-state-cyber-activity-latin-america
-
China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware
Proofpoint says TA4922, a suspected China-aligned cybercrime group, is targeting UK and European organisations with tax-, payroll- and benefits-themed malware campaigns. First seen on hackread.com Jump to article: hackread.com/china-ta4922-hackers-uk-europe-silentrunloader-malware/
-
Gentlemen Ransomware Exploits Fortinet Flaws, AI, and Custom C2 Tools
A newly analyzed leak tied to The Gentlemen ransomware group reveals how modern ransomware operations are evolving in structure and tooling while relying on the same proven intrusion techniques seen over the past four years. The leak also highlights operator continuity across major ransomware brands. A threat actor known as “Tinker” appears across Conti (2022),…
-
Police dismantles 9 crime groups in illegal streaming crackdown
European and international law enforcement agencies have dismantled nine organized crime groups and arrested 29 suspects in a major crackdown on illegal streaming operations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-dismantles-9-crime-groups-in-illegal-streaming-crackdown/
-
Infosecurity Europe: Execs Must Treat Cyber Threats as Statecraft, ISACA Expert Says
Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/execs-cisos-must-treat-cyber/
-
North Korean APT Targets macOS to Steal Crypto Wallets and SSH Keys
A newly uncovered macOS intrusion campaign attributed to the North Korean state-sponsored threat group Sapphire Sleet, also known as BlueNoroff or UNC1069, is targeting high-value organizations in the financial and cryptocurrency sectors. The operation focuses on venture capital firms, Web3 developers, and crypto platforms, highlighting a continued shift in North Korean cyber operations toward financially…
-
SideCopy group targets Afghanistan’s Ministry of Finance with Xeno RAT
First seen on scworld.com Jump to article: www.scworld.com/brief/sidecopy-group-targets-afghanistans-ministry-of-finance-with-xeno-rat
-
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversal flaw in WinRAR, to launch an HTML Application payload dubbed GammaPhish, which is then used…
-
Mustang Panda Uses LNK, PowerShell Chain to Deploy PlugX RAT
Mustang Panda is using a fake “Browser Updater” and a multi-stage LNK-PowerShell loader to sideload PlugX through a legitimate G DATA antivirus binary, ultimately beaconing over HTTPS to a hard-coded C2 while hiding configuration and strings behind layered encryption and API hashing. Mustang Panda is a China-nexus APT group, long associated with PlugX remote access…
-
Scottish residents granted permission for group action against Capita
People of Scotland given the go-ahead on group proceedings regarding the 2023 Capita cyber breach, in which the personal information of millions of people was stolen from Capita systems after a major cyber attack First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643816/Scottish-residents-granted-permission-for-group-action-against-Capita
-
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with an open-source remote access trojan called Xeno RAT. “The campaign opens with a spear phishing delivery – a ZIP archive containing a malicious LNK file bearing a carefully crafted Pashto-language filename,” First seen on…
-
Age verification tech could put children at greater risk, says think tank
UK proposals for mandatory age verification will not mitigate children’s exposure to harmful content and ‘addictive’ app design, and risks excluding vulnerable groups from online services, says Foundation for Information Policy Research First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643835/Age-verification-tech-could-put-children-at-greater-risk-says-think-tank
-
USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order
A judge said Democrats and civil groups filed the lawsuit too early to demonstrate harm, but that could change after newly proposed postal regulations. First seen on cyberscoop.com Jump to article: cyberscoop.com/usps-mail-in-ballot-restrictions-trump-order/
-
Afghan finance officials targeted by suspected Pakistani cyberespionage campaign
A suspected Pakistan-linked hacking group has targeted Afghanistan’s Ministry of Finance and provincial government officials in a new cyberespionage campaign, researchers have found. First seen on therecord.media Jump to article: therecord.media/afghan-officials-targeted-by-sidecopy
-
Ransomware Operators Keep Business Hours. The Data Proves It
16,699 ransomware leak posts over 2 years show 84% drop Monday-Friday, peak at European afternoon hours. October spikes yearly. Someone analyzed 16,699 ransomware leak-site posts across 200 groups over two years and asked the question most threat intelligence reports dance around: when does this actually happen? The answer is mundane and useful. Ransomware runs on…
-
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
Tags: attack, china, cyber, email, espionage, finance, government, group, phishing, service, spear-phishing, technology
A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments First seen on…
-
Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years
More than half of the attacks observed over the past year targeted educational institutions, particularly maritime universities and schools that train personnel for Russia’s shipping, inland waterway and fishing industries. First seen on therecord.media Jump to article: therecord.media/unknown-hacking-group-targeting-russia-for-nearly-two-years
-
Iranian Hackers Hijack AppDomainManager to Bypass EDR
Iran-linked hackers have upgraded their tradecraft by using AppDomainManager hijacking in .NET applications to turn off security telemetry before malicious code fully starts, making endpoint detection and response tools much harder to spot the attack. The campaign, attributed to the Iran-nexus group Screening Serpens, pairs this technique with DLL sideloading, fake job lures, and staged…
-
FSB Group Gamaredon Hides Worm in Windows Data Streams
FSB-linked Gamaredon concealed a fileless worm in NTFS data streams to spy on Ukraine targets First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/gamaredon-worm-ntfs-data-streams/
-
Advanced China-Nexus Group Strikes Southeast Asian Networks
A sophisticated cyber espionage campaign is currently striking enterprise operations across Southeast Asia. Specifically, a China-nexus group has First seen on securityonline.info Jump to article: securityonline.info/custom-linux-router-implant-malware/
-
Iran-Linked Hackers Wipe IT and Recovery Systems in Middle East Cyberattack
Iran-linked hackers have launched a destructive cyber campaign that wipes IT, backup, and recovery systems at multiple organizations in the Middle East and beyond, severely undermining victims’ ability to restore operations after an attack. Evidence ties the operation to the long-running Iranian threat group Black Shadow, believed to work on behalf of Iran’s Ministry of…

