Google TAG is warning that North Korea-linked hackers targeting security researchers through social media.
Google Threat Analysis Group (TAG) is warning that North Korea-linked hackers targeting security researchers through social media.
According to the Google team that focuses on nation-state attacks, a North Korea-linked APT group has targeted exper
Microsoft’s report provides details of the entire SolarWinds attack chain with a deep dive in the second-stage activation of malware and tools.
Microsoft published a new report that includes additional details of the SolarWinds supply chain attack. The new analysis shad lights on the handover from the Solorigate DLL backdoor to the Cobalt Strike loa
Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks.
Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks.
The experts explained how the UNC2452 and other threat actors breached the inf
A Chinese Threat actor targeted organizations in Russia and Hong Kong with a previously undocumented backdoor, experts warn.
Cybersecurity researchers from Positive Technologies have uncovered a series of attacks conducted by a Chinese threat actor that aimed at organizations in Russia and Hong Kong. Experts attribute the attacks to the China-linked Winnt
Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users.
The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild. While partnering with the Google Threat Analysis Group (TAG), the experts discovered
Cybersecurity firm CrowdStrike announced to have discovered a third malware strain, named Sunspot, directly involved in the SolarWinds supply chain attack.
According to a new report published by the cybersecurity firm Crowdstrike, a third malware, dubbed SUNSPOT, was involved in the recently disclose SolarWinds supply chain attack.
SUNSPOT was discover
Experts have found some similarities between the Sunburst backdoor used in the SolarWinds supply chain attack and Turla’s backdoor Kazuar.
Security experts from Kaspersky have identified multiple similarities between the Sunburst malware used in the SolarWinds supply chain attack and the Kazuar backdoor that has been employed in cyber espionage camp
Introduction
On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In parallel, Volexity published an article with their analysis of related attacks, attributed to an actor named “Dark Halo”. FireEye did not link this activity to
Experts spotted the RokRat Trojan being used by North Korea-linked threat actors in attacks aimed at the South Korean government.
On December 7 2020 researchers from Malwarebytes uncovered a campaign targeting the South Korean government with a variant of the RokRat RAT.
The experts found a malicious document uploaded to Virus Total related to a meetin
Researchers from security firms Profero and Security Joes linked a series of ransomware attacks to the China-linked APT27 group.
Security researchers from security firms Profero and Security Joes investigated a series of ransomware attacks against multiple organizations and linked them to China-linked APT groups.
The experts attribute the attacks to th
Security expert spotted a new piece of malware that leverages weaponized Word documents to download a PowerShell script from GitHub.
Security expert discovered a new piece of malware uses weaponized Word documents to download a PowerShell script from GitHub.
This PowerShell script is also used by threat actors to download a legitimate image f
This post includes the details of the COVID-19 themed attacks launched from December 19, 2020– January 02, 2021.
25 December, 2020 – North Korea-linked Lazarus APT targets the COVID-19 research
The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID19 research.
30 Decembe
The threat actors behind the SolarWinds supply chain attack could have had access to the source code of several Microsoft products.
The threat actors behind the SolarWinds attack could have compromised a small number of internal accounts and used at least one of them to view source code in a number of source code repositories.
Shortly after the disclos
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
A massive fraud operation used mobile device emulators to steal millions from online bank accountsSolarWinds hackers also breached the US NNSA nuclear agencyClop ransomware gang paralyzed flavor and frag
The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID-19 research.
The North Korea-linked APT group Lazarus has recently launched cyberattacks against two entities involved in COVID-19 research.
The activity of the Lazarus APT group surged in 2014 and 2015, its members