APT group “Fancy Lazarus” has been ramping up its ransom DDoS efforts in several new campaigns against US entities. The group is known for masquerading as various APT groups to distract security researchers. Researchers state the APT group is launching a new series of attacks using a combination of the
Tokyo police are investigating a series of cyberattacks on roughly 200 Japanese companies and research organizations. Initial investigations point towards a hacking group believed to be linked to the Chinese military, according to a statement made by the Japanese government on Tuesday. Among the list of hacked organizations is the
The National Security Agency (NSA) has released an alert warning that five vulnerabilities are being actively targeted by nation-state actors. The bugs affect VPN solutions, collaboration-suite software, and virtualization technologies in widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor, and VMware. According to the NSA, the goal of the
The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have issued a joint advisory warning administrators that APT groups are currently exploiting three different vulnerabilities that exist in Fortinet FortiOS. News of the active exploits was allegedly broken to the public just a few days ago
According to researchers at Malwarebytes, a new APT group has been discovered. The group has been named LazyScript and bears some similarities to other known Middle Eastern threat groups; however, due to the techniques and tools used, Malwarebytes has designated it a distinct operation separate from other known groups.
According to recent Check Point Security Research, Chinese threat actor group APT31 allegedly cloned and re-used a National Security Agency hacking tool years before Microsoft patched the severe vulnerability that it targeted. The tool was a Windows-based program that was referred to as “Jian” until the Microsoft vulnerability was patched
Hacking group TeamTNT has been employing new malware referred to as the Hildegard malware to infiltrate Kubernetes systems, according to research from Palo Alto Networks. In the summer of 2020, the APT was targeting both Docker and Kubernetes systems through a different method, a crypto-mining worm that was able to
Turla cyberspies were linked to the SolarWinds breach due to similarities in the malware used in the attack and Kazuar, a backdoor used. The hackers are believed to be based in Russia and targeted the SolarWinds company in a sophisticated attempt to breach the system of hundreds of high-profile organizations.
The threat actor group referred to as Extreme Jackal, Gaza Hackers Team, Gaza Cybergang, and Moonlight has been active since 2012 and has mainly focused on conducting cyberattacks against targets in the Middle East. The group has allegedly been using two malware families, Spark and Pierogi, alongside two new backdoors named
Kaspersky researchers have detected a trend in APT groups diversifying their toolsets in the third quarter, representing a larger increase in sophistication of attacks between Q2 and Q3 of 2020 than in other years. APTs typically tend to resort to traditional tactics and procedures that have been working for years, however,