APT Archives - Page 62 of 115

Pierluigi Paganini January 15, 2021

Winnti APT continues to target game developers in Russia and abroad

A Chinese Threat actor targeted organizations in Russia and Hong Kong with a previously undocumented backdoor, experts warn. Cybersecurity researchers from Positive Technologies have uncovered a series of attacks conducted by a Chinese threat actor that aimed at organizations in Russia and Hong Kong. Experts attribute the attacks to the China-linked Winnti APT group (aka APT41) […]

Pierluigi Paganini January 12, 2021

Sophisticated hacking campaign uses Windows and Android zero-days

Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild. While partnering with the Google Threat Analysis Group (TAG), the experts discovered a watering hole […]

Pierluigi Paganini January 12, 2021

Sunspot, the third malware involved in the SolarWinds supply chain attack

Cybersecurity firm CrowdStrike announced to have discovered a third malware strain, named Sunspot, directly involved in the SolarWinds supply chain attack. According to a new report published by the cybersecurity firm Crowdstrike, a third malware, dubbed SUNSPOT, was involved in the recently disclose SolarWinds supply chain attack. SUNSPOT was discovered after the Sunburst/Solorigate backdoor and […]

Pierluigi Paganini January 11, 2021

Connecting the dots between SolarWinds and Russia-linked Turla APT

Experts have found some similarities between the Sunburst backdoor used in the SolarWinds supply chain attack and Turla’s backdoor Kazuar. Security experts from Kaspersky have identified multiple similarities between the Sunburst malware used in the SolarWinds supply chain attack and the Kazuar backdoor that has been employed in cyber espionage campaigns conducted by Russia-linked APT group Turla. The discovery […]

Pierluigi Paganini January 07, 2021

North Korea-linked APT37 targets South with RokRat Trojan

Experts spotted the RokRat Trojan being used by North Korea-linked threat actors in attacks aimed at the South Korean government. On December 7 2020 researchers from Malwarebytes uncovered a campaign targeting the South Korean government with a variant of the RokRat RAT. The experts found a malicious document uploaded to Virus Total related to a […]

Pierluigi Paganini January 05, 2021

Experts linked ransomware attacks to China-linked APT27

Researchers from security firms Profero and Security Joes linked a series of ransomware attacks to the China-linked APT27 group. Security researchers from security firms Profero and Security Joes investigated a series of ransomware attacks against multiple organizations and linked them to China-linked APT groups. The experts attribute the attacks to the Chinese cyberespionage group APT27 […]

Pierluigi Paganini January 04, 2021

New alleged MuddyWater attack downloads a PowerShell script from GitHub

Security expert spotted a new piece of malware that leverages weaponized Word documents to download a PowerShell script from GitHub. Security expert discovered a new piece of malware uses weaponized Word documents to download a PowerShell script from GitHub. This PowerShell script is also used by threat actors to download a legitimate image file from image hosting […]

Pierluigi Paganini December 31, 2020

SolarWinds hackers gained access to Microsoft source code

The threat actors behind the SolarWinds supply chain attack could have had access to the source code of several Microsoft products. The threat actors behind the SolarWinds attack could have compromised a small number of internal accounts and used at least one of them to view source code in a number of source code repositories. […]

Pierluigi Paganini December 25, 2020

North Korea-linked Lazarus APT targets the COVID-19 research

The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID-19 research. The North Korea-linked APT group Lazarus has recently launched cyberattacks against two entities involved in COVID-19 research. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. […]

Pierluigi Paganini December 21, 2020

SUPERNOVA, a backdoor found while investigating SolarWinds hack

While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. The investigation of the SolarWinds Orion supply-chain attack revealed the existence of another backdoor that was likely used by a separate threat actor. After the initial disclosure of the SolarWinds attack, several teams of researchers mentioned the existence of two […]

APT

Winnti APT continues to target game developers in Russia and abroad

Sophisticated hacking campaign uses Windows and Android zero-days

Sunspot, the third malware involved in the SolarWinds supply chain attack

Connecting the dots between SolarWinds and Russia-linked Turla APT

North Korea-linked APT37 targets South with RokRat Trojan

Experts linked ransomware attacks to China-linked APT27

New alleged MuddyWater attack downloads a PowerShell script from GitHub

SolarWinds hackers gained access to Microsoft source code

North Korea-linked Lazarus APT targets the COVID-19 research

SUPERNOVA, a backdoor found while investigating SolarWinds hack

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Russia-linked APT Secret Blizzard targets foreign embassies in Moscow with ApolloShadow malware

Dahua Camera flaws allow remote hacking. Update firmware now

Researchers released a decryptor for the FunkSec ransomware

Apple fixed a zero-day exploited in attacks against Google Chrome users

PyPI maintainers alert users to email verification phishing attack

QUICK LINKS

APT

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!