An advanced persistent threat actor known as Budworm has been spotted by security researchers targeting a US-based entity. This marks the first time that the group has targeted a US organization, as it typically focuses on international targets. Security researchers at Symantec were the first to discover the news.
On Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory highlighting a threat targeting the Defense Industrial Base sector organization’s enterprise network. The advanced persistent threat group is leveraging the open-source toolkit Impacket to gain initial access into target systems. After Impacket is successfully deployed, it launches the
A malicious campaign conducted by the North Korean threat actor Lazarus Group targeted energy providers around the world between February and July 2022. The campaign was previously partially disclosed by Symantec and AhnLab in April and May, respectively, but Cisco Talos is now providing more details about it. Writing in an advisory
Security researchers have linked a new cyber espionage campaign targeting U.S., Canadian and Japanese energy providers to the North Korean state-sponsored Lazarus hacking group. Threat intelligence company Cisco Talos said Thursday that it has observed Lazarus — also known as APT38 — targeting unnamed energy providers in the United States, Canada
Meta has reportedly taken action against two cyber espionage operations located in South Asia and known as APT36 and Bitter APT. The company confirmed the actions in its latest quarterly threat report, published last Thursday. In the report, the risks identified by Meta across the world are discussed. Meta detailed
Researchers from SentinelLabs have disclosed a small but lethal China-linked APT that has gone undetected by security researchers for almost a decade. The researchers state that evidence suggests that the APT, named Aoqin Dragon, has flown under the radar since 2013. During this time, they have been running cyberattack campaigns
A new espionage actor is breaching corporate networks to steal emails from employees involved in big financial transactions like mergers and acquisitions. Mandiant, which first discovered the advanced persistent threat (APT) group in December 2019 and now tracks it as “UNC3524”, says that while the group’s corporate targets hint at
A new variant of the Industroyer malware, used to great effect against the Ukrainian energy sector by Russia’s Sandworm or Voodoo Bear advanced persistent threat (APT) group in 2016, has been identified by researchers from ESET, working in tandem with Ukraine’s national Computer Emergency Response Team, CERT-UA. Predictably dubbed Industroyer2, it
The Transparent Tribe hacking group has allegedly re-emerged with a new malware arsenal. The group is targeting India’s government and military in a new campaign. Transparent Tribe has been active since at least 2013 and has operated in 30 countries. The APT tends to focus primarily on India and Afghanistan,