Security News

GoldenJackal APT group breaches air-gapped systems in Europe
2024-10-09 04:00

ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped systems, in a...

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
2024-08-28 09:00

ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East...

New APT Group "CloudSorcerer" Targets Russian Government Entities
2024-07-08 15:42

A previously undocumented advanced persistent threat group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control and data exfiltration. "It's a sophisticated cyber espionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure," the Russian security vendor said.

Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed
2024-05-23 11:14

Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation...

Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries
2024-03-27 04:20

Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a...

New APT Group 'Lotus Bane' Behind Recent Attacks on Vietnam's Financial Entities
2024-03-06 07:01

A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapore-headquartered Group-IB described the...

Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
2023-09-30 09:21

Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. "The malware was designed...

Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks
2023-05-31 08:58

The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium, Brunei, Indonesia, Thailand, and Vietnam between February 2022 and April 2023. Dark Pink, also called Saaiwc Group, is an advanced persistent threat actor believed to be of Asia-Pacific origin, with attacks targeting entities primarily located in East Asia and, to a lesser extent, in Europe.

New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe
2023-05-11 14:45

A previously undetected advanced persistent threat actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020. Red Stinger overlaps with a threat cluster Kaspersky revealed under the name Bad Magic last month as having targeted government, agriculture, and transportation organizations located in Donetsk, Lugansk, and Crimea last year.

Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry
2023-05-06 11:24

An advanced persistent threat actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a novel DLL side-loading mechanism. "The attack is based on a classic side-loading attack, consisting of a clean application, a malicious loader, and an encrypted payload, with various modifications made to these components over time," Sophos researcher Gabor Szappanos said.