Ukraine’s premier law enforcement and counterintelligence revealed the real identities of five FSB members behind the Gamaredon cyberespionage group. Ukraine’s premier law enforcement and counterintelligence disclosed the real identities of five alleged members of the Russia-linked APT group Gamaredon (aka Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) that are suspected to be components of the […]
Meet Balikbayan Foxes: a threat group impersonating the Philippine gov’t Experts uncovered a new threat actor, tracked as Balikbayan Foxes, that is impersonating the Philippine government to spread malware. Researchers from Proofpoint have uncovered a new threat actor, dubbed Balikbayan Foxes (TA2722) that is impersonating the Philippine health, labor, and customs organizations as well as […]
North Korea-linked Lazarus APT group is extending its operations and started targeting the IT supply chain on new targets. North Korea-linked Lazarus APT group is now targeting also IT supply chain, researchers from Kaspersky Lab warns. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. […]
A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Researchers from Amnesty International have uncovered a cyberespionage campaign tracked as ‘Donot Team‘ (aka APT-C-35) which was orchestrated by threat actors in India and Pakistan. Experts believe the attackers used a spyware developed […]
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Previously undetected FontOnLake Linux malware used in targeted attacks Google addresses four high-severity flaws in Chrome Security […]
Operation GhostShell: Threat actors used ShellClient malware in cyberespionage campaigns aimed at companies in the aerospace and telecommunications sectors. Hackers use stealthy ShellClient malware on aerospace, telco firms Cybereason Nocturnus and Incident Response Teams discovered a new threat actor that is targeting organizations in the aerospace and telecommunications sectors with the ShellClient malware as part […]
Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. Microsoft Threat Intelligence Center (MSTIC) researchers have discovered a new custom malware, dubbed FoggyWeb used by the Nobelium APT group to deploy additional payloads and steal sensitive info from Active Directory Federation Services (AD FS) servers. […]
Researchers spotted a new cyberespionage group, dubbed FamousSparrow, that used ProxyLogon exploits to target hotels worldwide. Researchers from ESET discovered a new cyberespionage group, tracked as FamousSparrow, that has been targeting hotels worldwide around the world since at least 2019. The group also hit higher-profile targets such as law firms, governments, and private companies worldwide. According […]
Russia-linked cyber espionage group Turla made the headlines again, the APT has employed a new backdoor in a recent wave of attacks Cisco Talos researchers reported that the Russia-linked Turla APT group recently used a new backdoor, dubbed TinyTurla, in a series of attacks against the US, Germany, and Afghanistan. The threat actors are using […]
Security researchers from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. Experts from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. In late August, ESET researchers uncovered the SideWalk backdoor that was employed by the Chine cyberespionage group in an attack aimed at a computer retail company […]