APT

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

China-linked threat actors compromised some U.S. internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon.…

10 months ago

North Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packages

North Korea-linked APT group Gleaming Pisces is distributing a new malware called PondRAT through tainted Python packages. Unit 42 researchers…

10 months ago

Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw.…

10 months ago

UNC1860 provides Iran-linked APTs with access to Middle Eastern networks

Iran-linked APT group UNC1860 is operating as an initial access facilitator that provides remote access to Middle Eastern networks. Mandiant…

10 months ago

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Researchers warn of a new IoT botnet called Raptor Train that has already compromised over 200,000 devices worldwide. Cybersecurity researchers from…

10 months ago

Iran-linked group APT33 adds new Tickler malware to its arsenal

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors.…

11 months ago

North Korea-linked APT used a new RAT called MoonPeak

North Korea-linked APT Kimsuky is likely behind a new remote access trojan called MoonPeak used in a recent campaign spotted…

11 months ago

Microsoft Zero-Day CVE-2024-38193 was exploited by North Korea-linked Lazarus APT

Microsoft addressed a zero-day vulnerability actively exploited by the North Korea-linked Lazarus APT group. Microsoft has addressed a zero-day vulnerability, tracked…

11 months ago

Belarus-linked APT Ghostwriter targeted Ukraine with PicassoLoader malware

Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious payloads.…

12 months ago

Void Banshee exploits CVE-2024-38112 zero-day to spread malware

Void Banshee APT group exploited the Windows zero-day CVE-2024-38112 to execute code via the disabled Internet Explorer. An APT group…

12 months ago