Intelligence

New HiatusRAT campaign targets Taiwan and U.S. military procurement systemNew HiatusRAT campaign targets Taiwan and U.S. military procurement system

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

HiatusRAT malware operators resurfaced with a new wave of attacks targeting Taiwan-based organizations and a U.S. military procurement system. In…

2 years ago
Chinese hackers compromised emails of U.S. Government agenciesChinese hackers compromised emails of U.S. Government agencies

Chinese hackers compromised emails of U.S. Government agencies

Chinese hackers have compromised the emails of an unnamed US Federal Civilian Executive Branch (FCEB) agency. In Mid-June a malicious…

2 years ago
Iran-linked APT TA453 targets Windows and macOS systemsIran-linked APT TA453 targets Windows and macOS systems

Iran-linked APT TA453 targets Windows and macOS systems

Iran-linked APT group tracked TA453 has been linked to a new malware campaign targeting both Windows and macOS systems. The…

2 years ago
Iran-linked Charming Kitten APT enhanced its POWERSTAR BackdoorIran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor

Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor

Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm…

2 years ago
Stealth Soldier backdoor used is targeted espionage attacks in LibyaStealth Soldier backdoor used is targeted espionage attacks in Libya

Stealth Soldier backdoor used is targeted espionage attacks in Libya

Researchers detected a cyberespionage campaign in Libya that employs a new custom, modular backdoor dubbed Stealth Soldier. Experts at the…

2 years ago
Experts detail a new Kimsuky social engineering campaignExperts detail a new Kimsuky social engineering campaign

Experts detail a new Kimsuky social engineering campaign

North Korea-linked APT Kimsuky has been linked to a social engineering campaign aimed at experts in North Korean affairs. SentinelLabs researchers uncovered…

2 years ago
Lancefly APT uses powerful Merdoor backdoor in attacks on Asian orgsLancefly APT uses powerful Merdoor backdoor in attacks on Asian orgs

Lancefly APT uses powerful Merdoor backdoor in attacks on Asian orgs

The Lancefly APT group is using a custom powerful backdoor called Merdoor in attacks against organizations in South and Southeast…

2 years ago
China-linked Alloy Taurus APT uses a Linux variant of PingPull malwareChina-linked Alloy Taurus APT uses a Linux variant of PingPull malware

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

China-linked threat actor tracked as Alloy Taurus is using a Linux variant of the PingPull backdoor and a new tool dubbed Sword2033.…

2 years ago
Russian APT group Winter Vivern targets email portals of NATO and diplomatsRussian APT group Winter Vivern targets email portals of NATO and diplomats

Russian APT group Winter Vivern targets email portals of NATO and diplomats

Russian hacking group Winter Vivern has been actively exploiting Zimbra flaws to steal the emails of NATO and diplomats. A…

2 years ago
Bitter APT group targets China’s nuclear energy sector Bitter APT group targets China’s nuclear energy sector 

Bitter APT group targets China’s nuclear energy sector

Intezer researchers reported that a South Asian espionage group, tracked as Bitter, is targeting the Chinese nuclear energy industry. Intezer…

2 years ago