Security experts at 401TRG, the threat research and analysis team at ProtectWise, have discovered links between several Chinese APT groups under the Winnti umbrella. The experts analyzed several campaigns conducted by the cyber espionage groups over...
Security researchers from Kaspersky Lab have uncovered a new cyber-espionage APT group tracked ZooPark that targeted entities in the Middle East during the past three years. ZooPark APT has been active at least since 2015 and has shown a growing level...
Recently, several LoJack agents were found to be connecting to servers that are believed to be controlled by the notorious Russia-linked Fancy Bear APT group. LoJack for laptops is a security software designed to catch computer thieves, but it could...
The Thai authorities with the support of the ThaiCERT and security first McAfee have seized a server used by North Korean Hidden Cobra APT as part of the Op GhostSecret campaign. The Thai authorities with the support of the ThaiCERT have seized a server...
Kaspersky analyzed the served compromised by the Energetic Bear APT and assumed with some degree of certainty that the group operates in the interests of or takes orders from customers that are external to it. Security experts at Kaspersky Lab ICS CERT...
Security researchers at the 360 Core Security observed an APT group exploiting a zero-day vulnerability in IE, dubbed ‘double play’. The flaw is still unfixed. Security researchers at the 360 Core Security uncovered a zero-day vulnerability in IE, dubbed ‘double...
UK NCSC, DHS, and the FBI warn of Russian hacking campaign on Western networks, state-sponsored hackers are targeting network infrastructure key components. US and Britain government agencies warn of Russian state-sponsored cyber attacks to compromise...
The Iran-linked APT33 group continues to be very active, security researchers at Cyberbit have discovered an Early Bird code injection technique used by the group. The Early Bird method was used to inject the TurnedUp malware into the infected systems...
A new variant of the infamous Agent Tesla spyware was spotted by experts at Fortinet, the malware has been spreading via weaponize Microsoft Word documents. Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system...
Security experts at Trend Micro have discovered a new macOS backdoor that they linked to the APT 32 (OceanLotus, APT-C-00, SeaLotus, and Cobalt Kitty) cyber espionage group. The APT32 group has been active since at least 2013, according to the experts...