HackDig : Dig high-quality web security articles

Technical analysis of China-linked Earth Preta APT’s infection chain

China-linked Earth Preta cyberespionage group has been observed adopting new techniques to bypass security solutions. Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. Earth Preta, also known as “RedDelta” or “Bronze
Publish At:2023-03-27 08:56 | Read:23084 | Comments:0 | Tags:APT Breaking News Hacking Malware Earth Preta hacking news i

Microsoft shares guidance for investigating attacks exploiting CVE-2023-23397

Microsoft is warning of cyber attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397 (CVSS score: 9.8). Microsoft published guidance for investigating attacks exploiting recently patched Outlook vulnerability tracked as CVE-2023-23397. The flaw is a Microsoft Outlook spoofing vulnerability that can lead to an authenticati
Publish At:2023-03-26 12:30 | Read:25835 | Comments:0 | Tags:APT Breaking News Hacking Security CVE-2023-23397 Cyberespio

China-linked hackers target telecommunication providers in the Middle East

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. According to the researchers, the activity is part of the Operation Soft
Publish At:2023-03-24 17:28 | Read:46066 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware China hacking

New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict

Threat actors are targeting organizations located in Donetsk, Lugansk, and Crimea with a previously undetected framework dubbed CommonMagic. In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously un
Publish At:2023-03-21 21:26 | Read:100453 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware backdoor Comm

2022 Zero-Day exploitation continues at a worrisome pace

Experts warn that 55 zero-day vulnerabilities were exploited in attacks carried out by ransomware and cyberespionage groups in 2022. Cybersecurity firm Mandiant reported that ransomware and cyberespionage groups exploited 55 zero-day flaws in attacks in the wild. Most of the zero-day vulnerabilities were in software from Microsoft, Google, and Apple.
Publish At:2023-03-21 13:30 | Read:150823 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Reports Security hack

Bad magic: new APT found in the area of Russo-Ukrainian conflict

Since the start of the Russo-Ukrainian conflict, Kaspersky researchers and the international community at large have identified a significant number of cyberattacks executed in a political and geopolitical context. We previously published an overview of cyber activities and the threat landscape related to the conflict between Russia and Ukraine and continue
Publish At:2023-03-21 05:17 | Read:92234 | Comments:0 | Tags:APT reports APT Backdoor Cloud services CommonMagic Malware

China-linked APT likely linked to Fortinet zero-day attacks

An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328, in attacks aimed at government organizations. A few days ago, Fortinet researchers warned of an advanced thre
Publish At:2023-03-17 10:20 | Read:90830 | Comments:0 | Tags:APT Hacking Intelligence Malware Fortinet hacking news infor

Russia-linked APT29 abuses EU information exchange systems in recent attacks

Russia-linked APT29 group abused the legitimate information exchange systems used by European countries to target government entities. Russia-linked APT29 (aka SVR group, Cozy Bear, Nobelium, and The Dukes) was spotted abusing the legitimate information exchange systems used by European countries in attacks aimed at governments. In early March, BlackBe
Publish At:2023-03-15 22:38 | Read:189645 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence Malware

YoroTrooper APT group targets CIS countries and embassies

A new APT group, dubbed YoroTrooper, has been targeting government and energy organizations across Europe, experts warn. Cisco Talos researchers uncovered a new cyber espionage group targeting CIS countries, embassies and an EU health care agency since at least June 2022. The APT group focuses on government or energy organizations in Azerbaijan, Tajikista
Publish At:2023-03-15 18:40 | Read:119942 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Cyberespionage hackin

Dark Pink APT targets Govt entities in South Asia

Researchers reported that Dark Pink APT employed a malware dubbed KamiKakaBot against Southeast Asian targets. In February 2023, EclecticIQ researchers spotted multiple KamiKakaBot malware samples that were employed by the Dark Pink APT group (aka Saaiwc) in attacks against government entities in Southeast Asian countries. The activity of the group was
Publish At:2023-03-13 11:44 | Read:87605 | Comments:0 | Tags:APT Breaking News Hacking Malware Dark Pink APT hacking news

SonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackers

Alleged China-linked threat actors infected unpatched SonicWall Secure Mobile Access (SMA) appliances with a custom backdoor. Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540, deployed custom malware on a SonicWall SMA appliance. The malware allows attackers to steal user credentials, achieve persistence throu
Publish At:2023-03-09 16:30 | Read:214713 | Comments:0 | Tags:APT Breaking News Hacking Malware China hacking news informa

China-linked APT Sharp Panda targets government entities in Southeast Asia

China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. In late 2022, CheckPoint researchers observed a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in Southeast Asia. The state-sponsored hackers used
Publish At:2023-03-08 06:58 | Read:130855 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware China hacking

MQsTTang, a new backdoor used by Mustang Panda APT against European entities

China-linked Mustang Panda APT employed MQsTTang backdoor as part of an ongoing campaign targeting European entities. China-linked Mustang Panda APT group has been observed using a new backdoor, called MQsTTang, in attacks aimed at European entities. The hacking campaign began in January 2023; ESET researchers pointed out that the custom back
Publish At:2023-03-03 11:56 | Read:105419 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware China hacking

ENISA and CERT-EU warn of Chinese APTs targeting EU organizations

A joint report published by ENISA and CERT-EU warns of Chinese APTs targeting businesses and government organizations in the European Union. The European Union Agency for Cybersecurity (ENISA) and CERT-EU warn of multiple China-linked threat actors targeting businesses and government organizations in the EU. The joint report focuses on cyber activities c
Publish At:2023-02-19 15:50 | Read:129673 | Comments:0 | Tags:APT Breaking News Hacking Intelligence CERT-EU China ENISA h

IoC detection experiments with ChatGPT

ChatGPT is a groundbreaking chatbot powered by the neural network-based language model text-davinci-003 and trained on a large dataset of text from the Internet. It is capable of generating human-like text in a wide range of styles and formats. ChatGPT can be fine-tuned for specific tasks, such as answering questions, summarizing text, and even solving cyber
Publish At:2023-02-15 07:37 | Read:96706 | Comments:0 | Tags:Research APT ChatGPT neural networks Researchers tools Threa
