Security News

Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks
2024-04-17 13:32

A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The...

Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries
2024-03-27 04:20

Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a...

New APT Group 'Lotus Bane' Behind Recent Attacks on Vietnam's Financial Entities
2024-03-06 07:01

A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapore-headquartered Group-IB described the...

Blackwood APT delivers malware by hijacking legitimate software update requests
2024-01-25 11:19

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. It leverages adversary-in-the-middle techniques to hijack update requests from legitimate software to deliver the implant.

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
2024-01-20 03:11

Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other...

Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor
2023-12-11 13:59

Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor known as...

New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
2023-11-25 05:08

An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an advanced persistent threat (APT) attack. The web...

Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
2023-11-16 13:51

A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity...

State-sponsored APTs are leveraging WinRAR bug
2023-10-18 15:00

A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. "The widespread exploitation of the WinRAR bug highlights that exploits for known vulnerabilities can be highly effective, despite a patch being available," Google TAG analysts have noted.

Discord still a hotbed of malware activity — Now APTs join the fun
2023-10-16 21:29

Discord continues to be a breeding ground for malicious activity by hackers and now APT groups: it is commonly used to distribute malware and exfiltrate data, and is targeted by threat actors to steal authentication tokens. Threat actors abuse Discord in three ways: leveraging its content delivery network to distribute malware, modifying the Discord client to steal passwords, and abusing Discord webhooks to steal data from the victim's system.