Security News

Sophisticated Chinese APT Group Targets Southeast Asian Governments
2020-11-18 04:36

A sophisticated advanced persistent threat group believed to be operating out of China has been stealthily targeting Southeast Asian governments over the past three years, Bitdefender reports. Believed to be state-sponsored, the group was observed using numerous malware families, including the Chinoxy backdoor, PCShare RAT, and the FunnyDream backdoor.

APT Groups Finding Success with Mix of Old and New Tools
2020-11-03 19:18

The APT threat landscape is a mixed bag of tried-and-true tactics and cutting-edge techniques, largely supercharged by geo-politics, a report finds. Advanced persistent threat groups continue to use the fog of intense geopolitics to supercharge their campaigns, but beyond these themes, actors are developing individual signature tactics for success.

Chinese APT Group Targets Media, Finance, and Electronics Sectors
2020-09-30 08:00

Cybersecurity researchers on Tuesday uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S., and China. "While we cannot see what Palmerworm is exfiltrating from these victims, the group is considered an espionage group and its likely motivation is considered to be stealing information from targeted companies," the cybersecurity firm said.

Iranian APT Group Targets Governments in Kuwait and Saudi Arabia
2020-05-21 01:11

Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. "Telecommunications firms are attractive targets given that they store large amounts of personal and customer information, provide access to critical infrastructure used for communications, and enable access to a wide range of potential targets across multiple verticals," the company said.

Iranian APT Group Targets Governments in Kuwait and Saudi Arabia
2020-05-21 01:11

Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. "Telecommunications firms are attractive targets given that they store large amounts of personal and customer information, provide access to critical infrastructure used for communications, and enable access to a wide range of potential targets across multiple verticals," the company said.

Shadow Broker leaked NSA files point to unknown APT group
2020-04-24 10:35

Remember the Shadow Brokers, the mysterious group that stole and leaked a collection of NSA files in 2016? Well, it's the gift that keeps on giving. A security researcher claims to have unearthed a previously-unknown APT group after reading over some of the dumped files.

Unpatched VPN Servers Hit by Apparent Iranian APT Groups
2020-02-18 11:03

Now, security firm ClearSky says that at least three advanced persistent threat groups, all with apparent ties to the Iranian government, have been joining the fray and hitting unpatched Fortinet, Pulse Secure and Palo Alto Networks VPN servers and Citrix remote gateways. Specific flaws needing to be patched include CVE-2019-11510 in Pulse Secure's VPN SSL servers, CVE-2018-13379 in Fortigate's SSL VPN servers, and CVE-2019-1579 in Palo Alto Network VPN servers, all of which ClearSky says Fox Kitten is now exploiting.

APT Groups Planting Backdoors: Report
2020-02-17 22:48

Now, security firm ClearSky says that at least three advanced persistent threat groups, all with apparent ties to the Iranian government, have been joining the fray and hitting unpatched Fortinet, Pulse Secure and Palo Alto Networks VPN servers and Citrix remote gateways. Specific flaws needing to be patched include CVE-2019-11510 in Pulse Secure's VPN SSL servers, CVE-2018-13379 in Fortigate's SSL VPN servers, and CVE-2019-1579 in Palo Alto Network VPN servers, all of which ClearSky says Fox Kitten is now exploiting.

TA505 APT Group Returns With New Techniques: Report
2020-02-03 18:48

TA505 - a sophisticated advanced persistent threat group that has targeted financial companies and retailers in several countries, including the U.S. - has returned with a campaign that uses HTML redirectors to deliver malicious Excel documents, according to Microsoft and other security researchers. This threat group is believed to have caused over $100 million in losses over the years, according to the U.S. Treasury Department, which published a report about the group in December when it issued sanctions against some of its members.

Vietnamese APT Group Targets BMW, Hyundai: Report
2019-12-10 19:48

APT32/OceanLotus Suspected in Espionage IncidentHackers suspected to be based in Vietnam compromised the network of German automaker BMW to attempt industrial espionage, according to German media...