06 Aug 2020

Linux Spyware Stack Ties Together 5 Chinese APTs

On Wednesday, BlackBerry released an analysis to the Black Hat 2020 conference group presenting evidence that links five Chinese APT groups. The five groups are allegedly splinters of the Winnti group, a threat actor group that specializes in supply-chain attacks. All five entities were observed by researchers using the

30 Jul 2020

Kaspersky Uncovers New APT “Mercenary” Group

Kaspersky’s security researchers have released information on a new cyber-mercenary group that the firm recently discovered and named “Deceptikons.” Kaspersky states that the advanced persistent threat group has been providing hacking services for hire for almost a decade. According to researchers, the APT group is lacking technically and is not

23 Jul 2020

Lazarus Group Surfaces with Advanced Malware Framework

The North Korean hacking group known as Lazarus Group has emerged with a new multipurpose malware framework that targets a variety of systems, including Windows, Linux, and macOS. The APT has named the sophisticated malware framework MATA. Kaspersky researchers discovered the new framework when investigating a series of attacks that utilized the

18 Jun 2020

InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership

According to security researchers, InvisiMole is back and has begun targeting Eastern European organizations in the military sector with a sophisticated and updated toolset and an APT partnership. InvisiMole was redetected due to a new campaign and strategic collaboration with the well-known APT group Gamaredon. The group was first discovered by

10 Jun 2020

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

According to researchers, the APT group known as TA410 has added a new tool to its arsenal, a modular remote-access trojan (RAT). Proofpoint researchers have connected the group to attacks on the United States’ utility sector, targeting Windows devices. The RAT is called FlowCloud and can access installed

08 Apr 2020

Chinese APT Groups Targeted Enterprise Linux Systems in Decade-Long Data Theft Campaign

BlackBerry has stated that five threat groups that have been known to steal US companies’ intellectual property on behalf of the Chinese government may have the power to do critical damage during the COVID-19 pandemic. Researchers at BlackBerry claim that the groups have targeted companies in industries via cross-platform attacks

07 Apr 2020

Government VPN Servers Targeted in Zero-Day Attack

Security analysts at the Chinese firm Qihoo 360 claim that the Chinese government is being targeted by the threat actor group DarkHotel amid efforts to provide access to official resources for those working remotely. The Chinese government has been using virtual private networks (VPNs) to achieve this goal, and DarkHotel

18 Mar 2020

Coronavirus-Themed APT Attack Spreads Malware

An advanced persistent threat (APT) group has been leveraging the current pandemic to spread new malware deemed “Vicious Panda.” Security researchers stated that they had identified two suspicious Rich Text Format files targeting the Mongolian public sector. The RTF files execute a unique remote access trojan that takes screenshots of

19 Feb 2020

Iranian Hackers Backdoored VPNs Via One-Day Bugs

Security researchers have reported that unpatched bugs in VPNs and RDPs allowed Iran to conduct a cyber-espionage campaign that infiltrated global organizations. Although the campaign was already attributed to APT33, a state-sponsored hacking group, security firm Clearsky has publicized further details. The new report claims that the three-year-long campaign named

08 May 2019

Russian cyberspies are using one hell of a clever Microsoft Exchange backdoor

Notorious Russian hacking group Turla is using a highly sophisticated backdoor as part of a cyber espionage campaign targeting email servers, ESET researchers have discovered. The backdoor, dubbed LightNeuron, is the first of its kind “to be directly integrated into the working flow of Microsoft Exchange,” one of the researchers
