North Korea-linked Lazarus APT has been spotted deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver. The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by relying on exploit in a Dell firmware driver dbutil_2_3.sys, ESET researchers warn. The discovery was made by ESET researchers while […]
The Finnish Security Intelligence Service (SUPO) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service (Suojelupoliisi or SUPO) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter. According to the SUPO, future NATO membership will make the country a privileged target […]
A cyberespionage group, tracked as Witchetty, used steganography to hide a previously undocumented backdoor in a Windows logo. Broadcom’s Symantec Threat Hunter Team observed a threat actor, tracked as Witchetty, using steganography to hide a previously undocumented backdoor in a Windows logo. The group used the backdoor in attacks against Middle Eastern governments. The cyber […]
ONLINE DISINFORMATION is one of the defining issues of our time and the influence of fake news has become an acute threat to our society. Disinformation undermines true journalism and steers the public opinion in highly charged topics such as immigration, climate change, armed conflicts or refugee and health crises. Social media platforms are the […]
The Russia-linked APT28Â group is using mouse movement in decoy Microsoft PowerPoint documents to distribute malware. The Russia-linked APT28 employed a technique relying on mouse movement in decoy Microsoft PowerPoint documents to deploy malware, researchers from Cluster25 reported. Cluster25 researchers were analyzing a lure PowerPoint document used to deliver a variant of Graphite malware, which is known to be used […]
Meta dismantled a network of Facebook and Instagram accounts spreading disinformation across European countries. Meta announced to have taken down a huge Russian network of Facebook and Instagram accounts used to spread disinformation published on more than 60 websites impersonating news organizations across Europe. The disinformation operation began in May 2022, the network targeted primarily […]
Researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the GRU. Mandiant researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the Russian Main Intelligence Directorate (GRU). The experts assess with moderate confidence that moderators of the […]
China-linked cyberespionage group TA413 exploits employ a never-before-undetected backdoor called LOWZERO in attacks aimed at Tibetan entities. A China-linked cyberespionage group, tracked as TA413 (aka LuckyCat), is exploiting recently disclosed flaws in Sophos Firewall (CVE-2022-1040) and Microsoft Office (CVE-2022-30190) to deploy a never-before-detected backdoor called LOWZERO in attacks aimed at Tibetan entities. The TA413 APT group is known to be focused […]
A previously undetected hacking group, tracked as Metador, has been targeting telecommunications, internet services providers (ISPs), and universities for about two years. SentinelLabs researchers uncovered a never-before-seen threat actor, tracked as Metador, that primarily targets telecommunications, internet service providers, and universities in several countries in the Middle East and Africa. The experts pointed out that […]
The U.S. Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. The U.S. Federal Communications Commission (FCC) has added Pacific Network Corp, ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the Covered List. The Covered List, published by Public Safety and Homeland Security Bureau published, included products and […]