watering hole Archives - Security Affairs

Pierluigi Paganini August 06, 2024

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Korea’s national security and intelligence agencies, including the National Intelligence Service, the Prosecutor’s Office, the Police Agency, the Military Intelligence Command, and the Cyber Operations Command, have issued a joint cybersecurity advisory to warn that […]

Pierluigi Paganini May 25, 2023

Iran-linked Tortoiseshell APT behind watering hole attacks on shipping and logistics Israeli websites

Iran-linked threat actor Tortoiseshell targeted shipping, logistics, and financial services companies in Israel with watering hole attacks. ClearSky Cyber Security uncovered a watering hole attack on at least eight Israeli websites belonging to shipping, logistics, and financial services companies and attributed them with low confidence to the Iran-linked APT group Tortoiseshell (aka TA456 or Imperial […]

Pierluigi Paganini January 25, 2022

Sophisticated attackers used DazzleSpy macOS backdoor in watering hole attacks

Experts found an undocumented macOS backdoor, dubbed DazzleSpy, that was employed in watering hole attacks aimed at politically active individuals in Hong Kong. Researchers from ESET have spotted an undocumented macOS backdoor, dubbed DazzleSpy, that was employed in watering hole attacks aimed at politically active individuals in Hong Kong. The investigation started in November after […]

Pierluigi Paganini November 12, 2021

macOS Zero-Day exploited in watering hole attacks on users in Hong Kong

Google revealed that threat actors recently exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong. Google TAG researchers discovered that threat actors leveraged a zero-day vulnerability in macOS in a watering hole campaign aimed at delivering malware to users in Hong Kong. The attackers exploited a XNU privilege escalation vulnerability […]

Pierluigi Paganini January 12, 2021

Sophisticated hacking campaign uses Windows and Android zero-days

Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild. While partnering with the Google Threat Analysis Group (TAG), the experts discovered a watering hole […]

Pierluigi Paganini March 26, 2020

Operation Poisoned News: Hong Kong iOS users targeted with watering hole attacks

Operation Poisoned News – Experts observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to spy on them. Security experts at Trend Micro have observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor tracked as lightSpy. […]

Pierluigi Paganini March 18, 2019

Hackers used Scanbox framework to hack Pakistani Govt’s passport application tracking site

Experts uncovered a watering hole attack against the Pakistani Govt’s passport application tracking site, hackers used the Scanbox Framework to steal visitors’ data. Security experts at Trustwave have shared their findings of a recent data breach suffered by a Pakistani government website. The attackers used the Scanbox Framework, the intrusion is similar to another attack […]

Pierluigi Paganini October 31, 2018

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

According to the U.S. Department of Justice, the Chinese intelligence officers recruited hackers and insiders to hack aerospace and tech firms. US DoJ accuses the Chinese intelligence to have recruited hackers and insiders to steal confidential information from companies in aerospace and tech companies. US intelligence believes that the cyber espionage operation was under the control of Zha […]

Pierluigi Paganini June 14, 2018

China-linked Emissary Panda APT group targets National Data Center in Asia

A China-linked APT group, LuckyMouse, Emissary Panda, APT27 and Threat Group 3390, has targeted a national data center in Central Asia. The APT group has been active since at least 2010, the crew targeted U.S. defense contractors and financial services firms worldwide. In March 2018, security experts at Kaspersky Lab have observed an attack powered by the […]

Pierluigi Paganini June 01, 2018

North Korea-linked Andariel APT Group exploited an ActiveX Zero-Day in recent attacks

A North Korea-linked APT group, tracked as Andariel Group, leveraged an ActiveX zero-day vulnerability in targeted attacks against South Korean entities. According to a report published by South Korean cyber-security firm AhnLab, the Andariel Group is a division of the dreaded Lazarus APT Group, it already exploited ActiveX vulnerabilities in past attacks The attackers exploited at […]

watering hole

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Iran-linked Tortoiseshell APT behind watering hole attacks on shipping and logistics Israeli websites

Sophisticated attackers used DazzleSpy macOS backdoor in watering hole attacks

macOS Zero-Day exploited in watering hole attacks on users in Hong Kong

Sophisticated hacking campaign uses Windows and Android zero-days

Operation Poisoned News: Hong Kong iOS users targeted with watering hole attacks

Hackers used Scanbox framework to hack Pakistani Govt’s passport application tracking site

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

China-linked Emissary Panda APT group targets National Data Center in Asia

North Korea-linked Andariel APT Group exploited an ActiveX Zero-Day in recent attacks

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

QUICK LINKS

watering hole

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!