While investigating a cyber attack on the Microsoft Exchange server of an organization in Kuwait, experts found two new Powershell backdoors. Security experts from Palo Alto Networks have spotted two never-before-detected Powershell backdoors while...
A new Chinese APT group, tracked as KilllSomeOne, appeared in the threat landscape targeting corporate organizations in Myanmar. A new Chinese APT group, tracked as KilllSomeOne, was spotted by researchers at Sophos. The advanced cyber-espionage group...
A sophisticated threat actor, tracked as UNC1945, has been observed exploiting vulnerabilities in the Oracle Solaris operating systems for over two years. Researchers from FireEye reported that a sophisticated threat actor, tracked as UNC1945, has been...
North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. North Korea-linked cyber espionage group Kimsuky (aka Black Banshee, Thallium, Velvet Chollima) was recently...
Experts uncovered a new watering hole attack, dubbed Operation Earth Kitsune, targeting the Korean diaspora that exploits flaws in web browsers. Researchers at Trend Micro have disclosed details about a new watering hole campaign, dubbed Operation...
US Cyber Command published technical details on malware implants used by Russia-linked APTs on multiple parliaments, embassies US Cyber Command shared technical details about malware implants employed by Russian hacking groups in attacks against multiple...
Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla...
Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. Microsoft revealed that Iran-linked APT Phosphorus (aka APT35, Charming Kitten, Newscaster, and Ajax...
The Iran-linked cyber espionage group tracked as Seedworm started using a new downloader and is conducting destructive attacks. The Iran-linked cyber-espionage group Seedworm (aka MuddyWater MERCURY, and Static Kitten) was observed using a new downloader...
The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. A joint security advisory published by The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau...