While investigating the recent SolarWinds Orion supply-chain attack, security researchers discovered another backdoor, tracked as SUPERNOVA. The investigation of the SolarWinds Orion supply-chain attack revealed the existence of another backdoor that was likely used by a separate threat actor. After the initial disclosure of the SolarWinds attack, several teams of researchers mentioned the existence of two […]
Microsoft, FireEye, and GoDaddy have partnered to create a kill switch for the Sunburst backdoor that was employed in the recent SolarWinds hack. Microsoft, FireEye, and GoDaddy have created a kill switch for the Sunburst backdoor that was used in the SolarWinds supply chain attack. Last week, Russia-linked hackers breached SolarWinds; the attackers had used a trojanized […]
The group of cyber mercenaries tracked as DeathStalker has been using a new PowerShell backdoor in recent attacks. The cyber mercenaries group known as DeathStalker has been using a new PowerShell backdoor in recent attacks. DeathStalker is a hack-for-hire group discovered by Kaspersky; it has been targeting organizations worldwide, mainly law firms and financial entities, […]
The Dark Caracal APT group has carried out a series of attacks against multiple sectors using a new variant of a 13-year-old backdoor Trojan. The Dark Caracal cyberespionage group is back: researchers from Check Point uncovered a new series of attacks against multiple industries. Dark Caracal is an APT group associated with the Lebanese […]
Researchers spotted a new China-linked APT, tracked as FunnyDream, that has already infected more than 200 systems across Southeast Asia. Security experts at BitDefender have uncovered a new China-linked cyber espionage group, tracked as FunnyDream, that has already infected more than 200 systems across Southeast Asia over the past two years. According to Kaspersky Lab, FunnyDream […]
A sophisticated threat actor, tracked as UNC1945, has been observed exploiting vulnerabilities in the Oracle Solaris operating system for over two years. Researchers from FireEye reported that a sophisticated threat actor, tracked as UNC1945, has been observed targeting Oracle Solaris operating systems for over two years. The codename “UNC” used to track the group is […]
The npm security team has removed a malicious JavaScript library named “twilio-npm” from its repository because it contained malicious code. The npm security team has removed a malicious JavaScript library named “twilio-npm” from its repository because it contained code for establishing backdoors on the computers of the programmers. Npm is the largest package repository for any […]
Experts uncovered a new watering hole attack, dubbed Operation Earth Kitsune, that targets the Korean diaspora and exploits flaws in web browsers. Researchers at Trend Micro have disclosed details about a new watering hole campaign, dubbed Operation Earth Kitsune, that targets the Korean diaspora and exploits flaws in web browsers such as Google Chrome and Internet Explorer […]
Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization, according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla has hacked into the systems of an undisclosed European government organization. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting […]
Members of the Five Eyes intelligence alliance once again call for tech firms to engineer backdoors into end-to-end and device encryption. States of the Five Eyes intelligence alliance (US, UK, Canada, Australia, and New Zealand), plus Japan and India, once again call for tech firms to implement backdoors into end-to-end and device encryption. “We, the […]