APT

Pierluigi Paganini June 20, 2021
Norway blames China-linked APT31 for 2018 government hack

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. The attribution of the attack to the APT31 grouo is based […]

Pierluigi Paganini June 19, 2021
North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

North Korea-linked APT group Kimsuky allegedly breached South Korea’s atomic research agency KAERI by exploiting a VPN vulnerability. South Korean representatives declared on Friday that North Korea-linked APT group Kimsuky is believed to have breached the internal network of the South Korean Atomic Energy Research Institute (KAERI). The Korea Atomic Energy Research Institute (KAERI) in Daejeon, South Korea […]

Pierluigi Paganini June 19, 2021
RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

Experts attribute a series of cyber-espionage campaigns dating back to 2014, and focused on gathering military intelligence, to China-linked Unit 69010. Experts from Recorded Future’s Insikt Group linked a series of attacks, part of RedFoxtrot China-linked campaigns, to the PLA China-linked Unit 69010 The cyber-espionage campaigns dated back 2014 and focused on gathering military intelligence […]

Pierluigi Paganini June 18, 2021
The return of TA402 Molerats APT after a short pause

TA402 APT group (aka Molerats and GazaHackerTeam) is back after two-month of silence and is targeting governments in the Middle East. The TA402 APT group (aka Molerats and Gaza Cybergang) is back after a two-month of apparent inactivity, it is targeting government institutions in the Middle East and global government entities with interest in the region. MoleRATs is […]

Pierluigi Paganini June 17, 2021
Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Researchers from Kaspersky reported that Iran-linked threat actors, tracked as Ferocious Kitten, used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on […]

Pierluigi Paganini June 13, 2021
BackdoorDiplomacy APT targets diplomats from Africa and the Middle East

ESET researchers discovered an advanced persistent threat (APT) group, tracked as BackdoorDiplomacy, that is targeting diplomats across Africa and the Middle East.  ESET researchers spotted a new state-sponsored group, dubbed BackdoorDiplomacy, that was behind a series of cyberattacks against Ministries of Foreign Affairs aimed at numerous African countries, the Middle East, Europe, and Asia. The group […]

Pierluigi Paganini June 10, 2021
Russia-linked APT breached the network of Dutch police in 2017

Russia-linked cyberspies breached the internal network of Dutch police in 2017 while the authorities were investigating the crash of the MH-17. Russia-linked threat actors breached the internal network of Dutch police in 2017 during the investigation into the MH-17 crash. The intrusion was uncovered by AIVD, the Dutch intelligence service, but was not disclosed by […]

Pierluigi Paganini June 07, 2021
Russia behind a massive spear-phishing campaign that hit Ukraine

Ukraine warned of a “massive” spear-phishing campaign carried out by Russia-linked threat actors against its government and private businesses. Three Ukrainian cybersecurity agencies (Ukrainian Secret Service, Ukrainian Cyber Police, and CERT Ukraine), including the Ukrainian Secret Service, warned last week of a “massive” spear-phishing campaign conducted by Russia-linked hackers against its government and organizations in the private […]

Pierluigi Paganini June 06, 2021
Chinese SharpPanda APT developed a new backdoor in the last 3 years

Check Point Research (CPR) said that the Chinese APT group SharpPanda spent three years developing a new backdoor to spy on Asian governments.   Researchers from Check Point Research (CPR) discovered a new backdoor while investigating a cyber espionage campaign conducted by Chinese APT group SharpPanda and aimed at Southeast Asian government’s Ministry of Foreign […]

Pierluigi Paganini June 04, 2021
China-linked attackers breached Metropolitan Transportation Authority (MTA) using Pulse Secure zero-day

China-linked APT breached New York City’s Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. China-linked threat actors breached the network of the New York City’s Metropolitan Transportation Authority (MTA) network exploiting a Pulse Secure zero-day. The intrusion took place in April, but attackers did not cause any damage because they were […]