APT

Russia-linked RomCom group targeted Ukrainian government agencies since late 2023Russia-linked RomCom group targeted Ukrainian government agencies since late 2023

Russia-linked RomCom group targeted Ukrainian government agencies since late 2023

Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers…

10 months ago
China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systemsChina-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

China-linked APT group Salt Typhoon breached U.S. broadband providers, potentially accessing systems for lawful wiretapping and other data. China-linked APT…

10 months ago
Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto GroupMicrosoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group

Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group

Microsoft and the U.S. DoJ seized over 100 domains used by the Russia-linked Callisto Group for launching attacks on U.S.…

10 months ago
China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

China-linked threat actors compromised some U.S. internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon.…

10 months ago
North Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packagesNorth Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packages

North Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packages

North Korea-linked APT group Gleaming Pisces is distributing a new malware called PondRAT through tainted Python packages. Unit 42 researchers…

10 months ago
Chinese APT Earth Baxia target APAC by exploiting GeoServer flawChinese APT Earth Baxia target APAC by exploiting GeoServer flaw

Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw.…

10 months ago
UNC1860 provides Iran-linked APTs with access to Middle Eastern networksUNC1860 provides Iran-linked APTs with access to Middle Eastern networks

UNC1860 provides Iran-linked APTs with access to Middle Eastern networks

Iran-linked APT group UNC1860 is operating as an initial access facilitator that provides remote access to Middle Eastern Networks. Mandiant…

10 months ago
Experts warn of China-linked APT’s Raptor Train IoT BotnetExperts warn of China-linked APT’s Raptor Train IoT Botnet

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Researchers warn of a new IoT botnet called Raptor Train that already compromised over 200,000 devices worldwide. Cybersecurity researchers from…

11 months ago
Iran-linked group APT33 adds new Tickler malware to its arsenal<gwmw style="display:none;"></gwmw>Iran-linked group APT33 adds new Tickler malware to its arsenal<gwmw style="display:none;"></gwmw>

Iran-linked group APT33 adds new Tickler malware to its arsenal<gwmw style="display:none;"></gwmw>

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors.…

11 months ago
North Korea-linked APT used a new RAT called MoonPeakNorth Korea-linked APT used a new RAT called MoonPeak

North Korea-linked APT used a new RAT called MoonPeak

North Korea-linked APT Kimsuky is likely behind a new remote access trojan called MoonPeak used in a recent campaign spotted…

11 months ago
Show more Posts
Show previous Posts