APT Archives - Page 69 of 113

Pierluigi Paganini May 22, 2020

Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry

The Winnti hacking group continues to target gaming industry, recently it used a new malware named PipeMon and a new method to achieve persistence. Winnti hacking group is using a new malware dubbed PipeMon and a novel method to achieve persistence in attacks aimed at video game companies. The Winnti group was first spotted by Kaspersky […]

Pierluigi Paganini May 21, 2020

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

Cybersecurity researchers uncovered an Iranian cyber espionage campaign conducted by Chafer APT and aimed at critical infrastructures in Kuwait and Saudi Arabia. Cybersecurity researchers from Bitdefender published a detailed report on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. The cyber espionage campaigns were carried out by Iran-linked Chafer […]

Pierluigi Paganini May 16, 2020

APT group targets high profile networks in Central Asia

Security firms have foiled an advanced cyber espionage campaign carried out by Chinese APT and aimed at infiltrating a governmental institution and two companies. Antivirus firms have uncovered and foiled an advanced cyber espionage campaign aimed at a governmental institution and two companies in the telecommunications and gas sector. The level of sophistication of the […]

Pierluigi Paganini May 15, 2020

Chinese APT Tropic Trooper target air-gapped military Networks in Asia

Chinese threat actors, tracked as Tropic Trooper and KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines. Chinese APT group Tropic Trooper, aka KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines, Trend Micro researchers reported. The Tropic Trooper APT that has been active at least since 2011, it was first spotted in 2015 […]

Pierluigi Paganini May 15, 2020

Russian APT Turla’s COMpfun malware uses HTTP status codes to receive commands

Russia-linked cyberespionage group Turla targets diplomatic entities in Europe with a new piece of malware tracked as COMpfun. Security experts from Kaspersky Lab have uncovered a new cyberespionage campaign carried out by Russia-linked APT Turla that employs a new version of the COMpfun malware. The new malware allows attackers to control infected hosts using a […]

Pierluigi Paganini May 13, 2020

USCYBERCOM shares five new North Korea-linked malware samples

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT, it has uploaded the malicious code to VirusTotal. “On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the […]

Pierluigi Paganini May 09, 2020

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

North Korea-linked Lazarus APT group employed a Mac variant of the Dacls Remote Access Trojan (RAT) in recent attacks. North Korea-linked Lazarus APT already used at least two macOS malware in previous attacks, now researchers from Malwarebytes have identified a new Mac variant of the Linux-based Dacls RAT. The activity of the Lazarus APT group (aka HIDDEN COBRA) […]

Pierluigi Paganini May 07, 2020

Naikon APT is flying under the radar since 2015

Chinese-speaking Naikon APT group leverages a new backdoor called Aria-body to target organizations in South Asia and Australia. The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar over the past five years while targeting entities in Asia-Pacific (APAC) region. The […]

Pierluigi Paganini April 28, 2020

PhantomLance, a four-year-long cyberespionage spying campaign

Kaspersky Lab uncovered an ongoing cyberespionage campaign, dubbed PhantomLance, that employed malicious apps hosted on the official Google Play. Kaspersky has spotted an ongoing campaign, dubbed PhantomLance, that employed malicious spying apps hosted by Google Play. The campaign has been active for at least four, experts discovered “dozens” of malicious apps in Google Play, some of which […]

Pierluigi Paganini April 23, 2020

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. Juan Andres Guerrero-Saade, a former Kaspersky and Google researcher, uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in […]

APT

Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

APT group targets high profile networks in Central Asia

Chinese APT Tropic Trooper target air-gapped military Networks in Asia

Russian APT Turla’s COMpfun malware uses HTTP status codes to receive commands

USCYBERCOM shares five new North Korea-linked malware samples

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Naikon APT is flying under the radar since 2015

PhantomLance, a four-year-long cyberespionage spying campaign

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

McLaren Health Care data breach impacted over 743,000 people

American steel giant Nucor confirms data breach in May attack

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes' Data from Saudi Games

Qilin ransomware gang now offers a "Call Lawyer" feature to pressure victims

QUICK LINKS

APT

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!