APT

China-linked APT Salt Typhoon breached a ninth U.S. telecommunications firm

A White House official confirmed that China-linked threat actor Salt Typhoon breached a ninth U.S. telecommunications company. A White House…

6 months ago

North Korea actors use OtterCookie malware in Contagious Interview campaign

North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat…

6 months ago

BellaCPP, Charming Kitten’s BellaCiao variant written in C++

Iran-linked APT group Charming Kitten has been observed using a new variant of the BellaCiao malware dubbed BellaCPP, Kaspersky researchers…

6 months ago

DMM Bitcoin $308M Bitcoin heist linked to North Korea

Japanese and U.S. authorities attributed the theft of $308 million in cryptocurrency from DMM Bitcoin to North Korean cyber actors. Japanese…

6 months ago

Lazarus APT targeted employees at an unnamed nuclear-related organization

North Korea-linked Lazarus Group targeted employees of an unnamed nuclear-related organization in January 2024. Kaspersky researchers observed the North Korea-linked…

6 months ago

CERT-UA: Russia-linked UAC-0125 abuses Cloudflare Workers to target Ukrainian army

The Computer Emergency Response Team of Ukraine (CERT-UA) warns that the threat actor UAC-0125 abuses Cloudflare Workers services to target…

6 months ago

Russia-linked APT29 group used red team tools in rogue RDP attacks

Russia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024,…

6 months ago

The Mask APT is back after 10 years of silence

Kaspersky researchers linked a new wave of cyber attacks to the cyber espionage group tracked as The Mask. Kaspersky researchers…

6 months ago

Experts discovered the first mobile malware families linked to Russia’s Gamaredon

The Russia-linked APT Gamaredon used two new Android spyware tools called BoneSpy and PlainGnome against former Soviet states. Lookout researchers linked the BoneSpy…

6 months ago

Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor

Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor. The Russia-linked APT…

6 months ago