APT

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

China-linked APT group Mustang Panda targeted various Asian countries with a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS.…

4 weeks ago

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target…

4 weeks ago

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years.…

1 month ago

China-linked APT deployed malware in a network of the Dutch Ministry of Defence

China-linked APT group breached the Dutch Ministry of Defence last year and installed malware on compromised systems. Dutch Military Intelligence and Security…

1 month ago

Russian Midnight Blizzard APT is targeting orgs worldwide, Microsoft warns

Microsoft revealed that Russia-linked APT Midnight Blizzard has been targeting organizations worldwide in a cyberespionage campaign. Microsoft announced that the…

2 months ago

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

Google warns that the Russia-linked threat actor COLDRIVER expands its targeting and is developing a custom malware. The ColdRiver APT…

2 months ago

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Sea Turtle cyber espionage group targeted telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Researchers from…

2 months ago

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Ukrainian authorities revealed that Russia-linked APT Sandworm had been inside telecom giant Kyivstar at least since May 2023. Russia-linked APT group…

2 months ago

Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor

Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. Microsoft says the APT33 (aka Peach Sandstorm,…

3 months ago

UK and US expose Russia Callisto Group’s activity and sanction members

The UK NCSC and Microsoft warned that Russia-linked threat actor Callisto Group is targeting organizations worldwide. The UK National Cyber…

3 months ago

This website uses cookies.