03 Nov 2022

Available on Demand: OODA CTO Bob Gourley Chats with Simply Cyber on Cracking the Original APT

14 Oct 2022

Budworm Espionage Group Returns, Targets US State Legislature

An advanced persistent threat actor known as Budworm has been spotted by security researchers targeting a US-based entity. This marks the first time that the group has targeted a US organization, as it typically focuses on international targets. Security researchers at Symantec were the first to report the activity.

06 Oct 2022

CISA Advisory Details How Hackers Targeted Defense Industrial Base Organization

On Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory highlighting a threat targeting a Defense Industrial Base sector organization’s enterprise network. The advanced persistent threat group is leveraging the open-source toolkit Impacket to gain initial access into target systems. After Impacket is successfully deployed, it launches the

12 Sep 2022

North Korean Lazarus Group Hacked Energy Providers Worldwide

A malicious campaign conducted by the North Korean threat actor Lazarus Group targeted energy providers around the world between February and July 2022. The campaign was previously partially disclosed by Symantec and AhnLab in April and May, respectively, but Cisco Talos is now providing more details about it. Writing in an advisory

08 Sep 2022

North Korea’s Lazarus hackers are exploiting Log4j flaw to hack US energy companies

Security researchers have linked a new cyber espionage campaign targeting U.S., Canadian and Japanese energy providers to the North Korean state-sponsored Lazarus hacking group. Threat intelligence company Cisco Talos said Thursday that it has observed Lazarus — also known as APT38 — targeting unnamed energy providers in the United States, Canada

09 Aug 2022

Meta Takes Action Against Cyber Espionage Operations Targeting Facebook in South Asia

Meta has reportedly taken action against two cyber espionage operations located in South Asia and known as APT36 and Bitter APT. The company confirmed the actions in its latest quarterly threat report, published last Thursday. In the report, the risks identified by Meta across the world are discussed. Meta detailed

20 Jun 2022

China-linked APT Flew Under Radar for Decade

Researchers from SentinelLabs have disclosed a small but lethal China-linked APT that has gone undetected by security researchers for almost a decade. The researchers state that evidence suggests that the APT, named Aoqin Dragon, has flown under the radar since 2013. During this time, they have been running cyberattack campaigns

03 May 2022

A stealthy new espionage group is targeting corporate mergers and acquisitions

A new espionage actor is breaching corporate networks to steal emails from employees involved in big financial transactions like mergers and acquisitions. Mandiant, which first discovered the advanced persistent threat (APT) group in December 2019 and now tracks it as “UNC3524”, says that while the group’s corporate targets hint at

12 Apr 2022

Sandworm rolls out Industroyer2 malware against Ukraine

A new variant of the Industroyer malware, used to great effect against the Ukrainian energy sector by Russia’s Sandworm or Voodoo Bear advanced persistent threat (APT) group in 2016, has been identified by researchers from ESET, working in tandem with Ukraine’s national Computer Emergency Response Team, CERT-UA. Predictably dubbed Industroyer2, it

29 Mar 2022

Transparent Tribe APT returns to strike India’s government and military

The Transparent Tribe hacking group has allegedly re-emerged with a new malware arsenal. The group is targeting India’s government and military in a new campaign. Transparent Tribe has been active since at least 2013 and has operated in 30 countries. The APT tends to focus primarily on India and Afghanistan,
