Security News
Remember the Shadow Brokers, the mysterious group that stole and leaked a collection of NSA files in 2016? Well, it's the gift that keeps on giving. A security researcher claims to have unearthed a previously-unknown APT group after reading over some of the dumped files.
Now, security firm ClearSky says that at least three advanced persistent threat groups, all with apparent ties to the Iranian government, have been joining the fray and hitting unpatched Fortinet, Pulse Secure and Palo Alto Networks VPN servers and Citrix remote gateways. Specific flaws needing to be patched include CVE-2019-11510 in Pulse Secure's VPN SSL servers, CVE-2018-13379 in Fortigate's SSL VPN servers, and CVE-2019-1579 in Palo Alto Network VPN servers, all of which ClearSky says Fox Kitten is now exploiting.
Now, security firm ClearSky says that at least three advanced persistent threat groups, all with apparent ties to the Iranian government, have been joining the fray and hitting unpatched Fortinet, Pulse Secure and Palo Alto Networks VPN servers and Citrix remote gateways. Specific flaws needing to be patched include CVE-2019-11510 in Pulse Secure's VPN SSL servers, CVE-2018-13379 in Fortigate's SSL VPN servers, and CVE-2019-1579 in Palo Alto Network VPN servers, all of which ClearSky says Fox Kitten is now exploiting.
TA505 - a sophisticated advanced persistent threat group that has targeted financial companies and retailers in several countries, including the U.S. - has returned with a campaign that uses HTML redirectors to deliver malicious Excel documents, according to Microsoft and other security researchers. This threat group is believed to have caused over $100 million in losses over the years, according to the U.S. Treasury Department, which published a report about the group in December when it issued sanctions against some of its members.
APT32/OceanLotus Suspected in Espionage IncidentHackers suspected to be based in Vietnam compromised the network of German automaker BMW to attempt industrial espionage, according to German media...
New Malware 'Messagetap' Intercepts Communications for Espionage, Researchers SayThe Chinese advanced threat group APT41 is using a new espionage tool to intercept SMS messages from specific phone...
UK and US Intelligence Agencies Report That Turla Group Seized OilRig APT AssetsTurla, an advanced persistent threat group with apparent ties to Russia, seized attack infrastructure and tools used...
U.S. and U.K. agencies warn consumers to update technologies from Fortinet, Pulse Secure and Palo Alto Networks to mitigate attacks that are likely coming from China
Researchers Find That State-Sponsored Cyberespionage Groups Seldom Share CodeAPT groups that are backed by the Russian government rarely share code with each other, fostering a competitive...
Hackers Have Attacked at Least 12 Targets Since 2018, Symantec Researchers SayA Chinese advanced persistent threat group dubbed "Thrip" has attacked at least 12 organizations in Southeast Asia...