HackDig : Dig high-quality web security articles

Kyiv blames Belarus-linked APT UNC1151 for recent cyberattack

The Ukrainian government attributes the recent attacks against tens of Ukrainian government websites to Belarusian APT group UNC1151. The government of Kyiv attributes the defacement of tens of Ukrainian government websites to Belarusian APT group UNC1151, Reuters reported in an exclusive. Defaced websites were displaying the following message in Rus
Publish At:2022-01-17 06:24 | Read:113 | Comments:0 | Tags:APT Breaking News hacking news information security news IT

Microsoft spotted a destructive malware campaign targeting Ukraine

Microsoft spotted a new destructive malware operation targeting government, non-profit, and IT entities in Ukraine. Microsoft spotted a destructive attack that targeted government, non-profit, and IT entities in Ukraine with a wiper disguised as ransomware. The attackers were discovered by Microsoft on January 13; the experts attributed the attack to
Publish At:2022-01-16 13:00 | Read:156 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware

North Korea-linked APT BlueNoroff focuses on crypto theft

The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The nation-state actor is considered a group that operates under the control of the noto
Publish At:2022-01-14 13:00 | Read:86 | Comments:0 | Tags:APT Breaking News Hacking Malware BlueNoroff APT cryptocurre

USCYBERCOM: MuddyWater APT is linked to Iran’s MOIS intelligence

US Cyber Command (USCYBERCOM) has officially linked the Iran-linked MuddyWater APT group to Iran’s Ministry of Intelligence and Security (MOIS). USCYBERCOM has officially linked the Iran-linked MuddyWater APT group (aka SeedWorm and TEMP.Zagros) to Iran’s Ministry of Intelligence and Security (MOIS). The first MuddyWater campaign
Publish At:2022-01-13 06:24 | Read:179 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware information s

SysJoker, a previously undetected cross-platform backdoor, made the headlines

Security researchers found a new cross-platform backdoor, dubbed SysJoker, that is suspected to be the work of an APT group. Security experts from Intezer discovered a new backdoor, dubbed SysJoker, that is able to infect Windows, macOS, and Linux systems. The experts spotted a Linux variant of the backdoor in December while investigating an attack agai
Publish At:2022-01-13 02:28 | Read:199 | Comments:0 | Tags:APT Breaking News Malware backdoor Hacking hacking news info

Russia-linked threat actors target critical infrastructure, US authorities warn

US authorities warn critical infrastructure operators of the threat of cyberattacks orchestrated by Russia-linked threat actors. US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint alert to warn critical infrastructure operators about threats from Rus
Publish At:2022-01-12 18:12 | Read:120 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking CISA hacking news in

Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor

The Iran-linked APT35 group has been observed leveraging the Log4Shell flaw to drop a new PowerShell backdoor. The Iran-linked APT35 cyberespionage group (aka ‘Charming Kitten’ or ‘Phosphorus’) has been observed leveraging the Log4Shell flaw to drop a new PowerShell backdoor, Check Point researchers state. The experts also detail the
Publish At:2022-01-12 10:20 | Read:188 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware APT35 backdo

India-linked Patchwork APT infected its own system revealing its ops

The India-linked threat actor Patchwork infected one of its own computers with its RAT, revealing its operations to researchers. An India-linked threat actor, tracked as Patchwork (aka Dropping Elephant), employed a new variant of the BADNEWS backdoor, dubbed Ragnatela (“spider web” in Italian), in a recent campaign. However, the group made the headlines
Publish At:2022-01-10 10:53 | Read:187 | Comments:0 | Tags:APT Breaking News Hacking Malware hacking news information s

Patchwork APT caught in its own web

Patchwork is an Indian threat actor that has been active since December 2015 and usually targets Pakistan via spear phishing attacks. In its most recent campaign from late November to early December 2021, Patchwork has used malicious RTF files to drop a variant of the BADNEWS (Ragnatela) Remote Administration Trojan (RAT). What is interesting among victim
Publish At:2022-01-07 16:41 | Read:234 | Comments:0 | Tags:Threat Intelligence APT BADNEWS india Pakistan Patchwork Rag

North Korea-linked Konni APT targets Russian diplomatic bodies

North Korea-linked APT group Konni targets the Russian Federation’s Ministry of Foreign Affairs (MID) with new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants. The APT group carr
Publish At:2022-01-06 18:11 | Read:218 | Comments:0 | Tags:APT Breaking News Cyber Crime Cyber warfare Mobile Cyberespi

North Korea-linked threat actors stole $1.7 billion from cryptocurrency exchanges

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. According to South Korean media outlet Chosun, North Korean threat actors have stolen around $1.7 billion (2 trillion won)
Publish At:2022-01-02 13:00 | Read:202 | Comments:0 | Tags:APT Breaking News Cyber Crime Cyber warfare Hacking Malware

New iLOBleed Rootkit, the first time ever that malware targets iLO firmware

A previously unknown rootkit, dubbed iLOBleed, was used in attacks aimed at HP Enterprise servers that wiped data off the infected systems. iLOBleed is a previously undetected rootkit that was spotted targeting HP Enterprise’s Integrated Lights-Out (iLO) server management technology to tamper with the firmware modules and wipe data off the inf
Publish At:2021-12-30 14:15 | Read:328 | Comments:0 | Tags:APT Breaking News Malware Cybercrime hacking news HP iLOBlee

China-linked APT group Aquatic Panda leverages Log4Shell in recent attack

China-linked APT group Aquatic Panda is exploiting the Log4Shell vulnerability to compromise a large academic institution. China-linked cyberespionage group Aquatic Panda was spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) in an attack aimed at a large academic institution. According to the Crowdstrike OverWatch team, the APT group is
Publish At:2021-12-30 02:27 | Read:252 | Comments:0 | Tags:APT Breaking News Hacking Aquatic Panda Cybersecurity cybers

China-linked BlackTech APT uses new Flagpro malware in recent attacks

The China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that the China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. Attacks using Flagpro targeted multiple companies in Defense, Media, and Communicat
Publish At:2021-12-29 06:23 | Read:315 | Comments:0 | Tags:APT Breaking News Malware BlackTech Cybersecurity cybersecur

DoubleFeature, post-exploitation dashboard used by Equation Group APT

Researchers analyzed the DoubleFeature logging tool of DanderSpritz Framework that was used by the Equation Group APT group. Check Point researchers have published a detailed analysis of the DoubleFeature tool used to log post-exploitation activities in attacks conducted by the Equation Group and involving the DanderSpritz malware framework. DanderSpri
Publish At:2021-12-28 10:19 | Read:377 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware DanderSpritz
