APT Archives - Page 65 of 113

Pierluigi Paganini October 12, 2020

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) published a joint security alert to warn of attackers combining VPN and Windows Zerologon flaws to target government networks. […]

Pierluigi Paganini October 08, 2020

MontysThree threat actor targets Russian industrial organizations

A previously unknown threat actor, tracked as MontysThree, composed of Russian speaking members targets Russian industrial organizations. Kaspersky Lab researchers spotted a new threat actor, tracked as MontysThree, composed of Russian speaking members targets Russian industrial organizations. The MontysThree group used a toolset dubbed MT3 in highly targeted attacks with cyber espionage purposes. Researchers at […]

Pierluigi Paganini October 06, 2020

Iran-linked APT is exploiting the Zerologon flaw in attacks

Microsoft researchers reported that Iranian cyber espionage group MuddyWater is exploiting the Zerologon vulnerability in attacks in the wild. Microsoft published a post and a series of tweets to warn of cyber attacks exploiting the Zerologon vulnerability carried out by the Iran-linked APT group known as MuddyWater, aka Mercury. The Zerologon vulnerability, tracked as CVE-2020-1472, is […]

Pierluigi Paganini October 05, 2020

Second-ever UEFI rootkit used in North Korea-themed attacks

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four […]

Pierluigi Paganini October 05, 2020

SLOTHFULMEDIA RAT, a new weapon in the arsenal of a sophisticated threat actor

U.S. DoD and the DHS CISA agency published a malware analysis report for a new malware variant tracked as SLOTHFULMEDIA The U.S. Department of Defense’s Cyber National Mission Force (CNMF) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have published a malware analysis report that provides technical details of a new […]

Pierluigi Paganini October 02, 2020

XDSpy APT remained undetected since at least 2011

Researchers from ESET uncovered the activity of a new APT group, tracked as XDSpy, that has been active since at least 2011. XDSpy is the name used by ESET researchers to track a nation-state actor that has been active since at least 2011. The APT group, recently discovered by ESET, targeted government and private companies […]

Pierluigi Paganini October 01, 2020

North Korea APT group targeted tens of UN Security Council officials

North Korea-linked APT group targeted UN Security Council officials over the past year, states a report from the United Nations organ. A North-Korea-linked cyber espionage group has launched spear-phishing attacks aimed at compromising tens of officials from the United Nations Security Council. The campaign targeted at least 28 UN officials, including at least 11 individuals […]

Pierluigi Paganini September 27, 2020

Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT

Microsoft removed 18 Azure Active Directory applications from its Azure portal that were created by a Chinese-linked APT group Gadolinium. Microsoft announced this week to have removed 18 Azure Active Directory applications from its Azure portal that were created by a China-linked cyber espionage group tracked as APT group Gadolinium (aka APT40, or Leviathan). The 18 […]

Pierluigi Paganini September 17, 2020

APT41 actors charged for attacks on more than 100 victims globally

US Department of Justice announced indictments against 5 Chinese nationals alleged members of a state-sponsored hacking group known as APT41. The United States Department of Justice this week announced indictments against five Chinese nationals believed to be members of the cyber-espionage group known as APT41 (Winnti, Barium, Wicked Panda and Wicked Spider). US authorities are […]

Pierluigi Paganini September 15, 2020

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking […]

APT

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

MontysThree threat actor targets Russian industrial organizations

Iran-linked APT is exploiting the Zerologon flaw in attacks

Second-ever UEFI rootkit used in North Korea-themed attacks

SLOTHFULMEDIA RAT, a new weapon in the arsenal of a sophisticated threat actor

XDSpy APT remained undetected since at least 2011

North Korea APT group targeted tens of UN Security Council officials

Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT

APT41 actors charged for attacks on more than 100 victims globally

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

McLaren Health Care data breach impacted over 743,000 people

American steel giant Nucor confirms data breach in May attack

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes' Data from Saudi Games

Qilin ransomware gang now offers a "Call Lawyer" feature to pressure victims

QUICK LINKS

APT

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!