Security News

TeamViewer's corporate network was breached in alleged APT hack
2024-06-27 18:29

The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group. "On Wednesday, 26 June 2024, our security team detected an irregularity in TeamViewer's internal corporate IT environment," TeamViewer said in a post to its Trust Center.

Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed
2024-05-23 11:14

Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation...

Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
2024-05-17 08:46

The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea's Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear...

Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks
2024-04-17 13:32

A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The...

Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries
2024-03-27 04:20

Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a...

New APT Group 'Lotus Bane' Behind Recent Attacks on Vietnam's Financial Entities
2024-03-06 07:01

A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapore-headquartered Group-IB described the...

Blackwood APT delivers malware by hijacking legitimate software update requests
2024-01-25 11:19

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. It leverages adversary-in-the-middle techniques to hijack update requests from legitimate software to deliver the implant.

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
2024-01-20 03:11

Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other...

Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor
2023-12-11 13:59

Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor known as...

New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
2023-11-25 05:08

An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an advanced persistent threat (APT) attack. The web...