Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College. Researchers from SEKOIA.IO Threat & Detection Research (TDR) team have uncovered a reconnaissance and espionage campaign conducted by Russia-linked Turla APT aimed at the Baltic Defense College, the Austrian Economic Chamber (involved in government decision-making such as economic sanctions) and NATO’s […]
Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. In March 2020, the collective of hacktivists called “Digital Revolution” claimed to have hacked a subcontractor to the Russian FSB. The […]
Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting Android users with five zero-day vulnerabilities. The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox. The five 0-day vulnerabilities […]
Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon. Researchers from threat intelligence firm Cyble uncovered a malware campaign targeting the infoSec community. The expert discovered a post where a researcher were sharing a fake Proof of Concept (POC) exploit code for an RPC Runtime Library […]
A new China-linked cyberespionage group known as ‘Space Pirates’ is targeting enterprises in the Russian aerospace industry. A previously unknown Chinese cyberespionage group, tracked as ‘Space Pirates’, targets enterprises in the Russian aerospace industry with spear-phishing attacks. The group has been active since at least 2017, researchers believe it is linked with other China-linked APT […]
Researchers spotted a threat actor using a custom PowerShell RAT targeting German users to gain intelligence on the Ukraine crisis. Malwarebytes experts uncovered a campaign that targets German users with custom PowerShell RAT targeting. The threat actors attempt to trick victims into opening weaponized documents by using the current situation in Ukraine as bait. The […]
China-linked Mustang Panda APT group targets entities in Asia, the European Union, Russia, and the US in a new wave of attacks. In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. The attacks were also reported by Google’s TAG team, which confirmed they were for […]
A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers from Cybereason uncovered a sophisticated cyberespionage campaign, dubbed Operation CuckooBees, aimed at stealing intellectual property from the victims. The campaign flew under the radar since at least 2019, it was attributed by the experts to […]
Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on financial institutions, experts estimated that APT38 (Unit 180 of North Korea’s cyber-army Bureau 121) has stolen at hundreds of million dollars from banks worldwide. APT38 appears to be a North Korea-linked group separate from the […]
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge, is targeting Russian government agencies. The Google TAG team published a report focused on cybersecurity […]