HackDig : Dig high-quality web security articles

New FamousSparrow APT group used ProxyLogon exploits in its attacks

Researchers spotted a new cyberespionage group, dubbed FamousSparrow, that used ProxyLogon exploits to target hotels worldwide. Researchers from ESET discovered a new cyberespionage group, tracked as FamousSparrow, that has been targeting hotels around the world since at least 2019. The group also hit higher-profile targets such as law firms, g
Publish At:2021-09-24 01:36 | Read:102 | Comments:0 | Tags:APT Breaking News Hacking Cyberespionage cyberespionahe Famo

Turla APT group used a new backdoor in attacks against Afghanistan, Germany and the US

Russia-linked cyber espionage group Turla made the headlines again: the APT has employed a new backdoor in a recent wave of attacks. Cisco Talos researchers reported that the Russia-linked Turla APT group recently used a new backdoor, dubbed TinyTurla, in a series of attacks against the US, Germany, and Afghanistan. The threat actors are using the backdo
Publish At:2021-09-21 16:46 | Read:126 | Comments:0 | Tags:APT Breaking News Malware Hacking hacking news information s

Large phishing campaign targets EMEA and APAC governments

Security researchers uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. Researchers from cybersecurity firm Cyjax uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. The phishing campaign has been ongoing since spring 2020 when the domains we
Publish At:2021-09-20 14:25 | Read:57 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Cybercrime hacking ne

FBI and CISA warn of APT groups exploiting ADSelfService Plus

In a joint advisory the FBI, the United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security Agency (CISA) warn that advanced persistent threat (APT) cyber-actors may be exploiting a vulnerability in ManageEngine’s single sign-on (SSO) solution. The vulnerability Publicly disclosed computer security flaws
Publish At:2021-09-17 11:20 | Read:107 | Comments:0 | Tags:Exploits and vulnerabilities adselfservice plus APT cgcyber

FBI, CISA, and CGCYBER warn of nation-state actors exploiting CVE-2021-40539 Zoho bug

The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn of state-sponsored attacks that are actively exploiting the CVE-2021-40539 Zoho flaw. The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn that nation-state APT groups are actively exploiting a critical vulnerability, tracked as CVE-2021-40539, in the Zoho ManageEngine ADSelfService
Publish At:2021-09-16 18:45 | Read:188 | Comments:0 | Tags:APT Breaking News Hacking Security CVE-2021-40539 hacking ne

Grayfly APT uses recently discovered Sidewalk backdoor

Security researchers from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. Experts from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. In late August, ESET researchers uncovered the SideWalk backdoor that was employed by the Chinese cyberespionage
Publish At:2021-09-10 11:35 | Read:246 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence Malware

New variant of Konni RAT used in a campaign that targeted Russia

So far, Konni RAT has managed to evade detection as only 3 security solutions on VirusTotal were able to detect the malware. Researchers from Malwarebytes Labs spotted an ongoing malware campaign that is targeting Russia with the Konni RAT. Security researchers at Malwarebytes Labs have uncovered an ongoing malware campaign that is mainly targeting Russ
Publish At:2021-08-30 04:57 | Read:461 | Comments:0 | Tags:APT Breaking News Cyber warfare Malware APT37 Hacking hackin

NK-linked InkySquid APT leverages IE exploits in recent attacks

North Korea-linked InkySquid group leverages two Internet Explorer exploits to deliver a custom implant in attacks aimed at a South Korean online newspaper. Experts from cybersecurity firm Volexity reported that North Korea-linked InkySquid group (aka ScarCruft, APT37, Group123, and Reaper) leverages two Internet Explorer exploits to deliver a custom back
Publish At:2021-08-19 03:04 | Read:69 | Comments:0 | Tags:APT Cyber warfare Hacking Security APT37 Cybersecurity cyber

The Next Disruptive ICS Attacker: An Advanced Persistent Threat (APT)?

No discussion on ICS attacks could be complete without talking about what some would call, ‘the elephant in the room.’ Critical infrastructure has always been a target for warfare, and modern ICS are no exception. Several high-profile ICS disruptions have in fact been attributed to malicious hackers working at the behest of a military or intelligence agency.L
Publish At:2021-08-19 02:08 | Read:512 | Comments:0 | Tags:ICS Security APT ICS Vulnerabilties operational technology t

IT threat evolution Q2 2021

Targeted attacks. The leap of a Cycldek-related threat actor. It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous “DLL side-loading triad”: a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload, generally dropped from a self-extracting archive. Th
Publish At:2021-08-12 08:40 | Read:817 | Comments:0 | Tags:Malware reports Apple MacOS APT Browser Cybercrime Google An

UNC215, an alleged China-linked APT group targets Israel orgs

China-linked threat actors UNC215 targeted Israeli organizations in a long-running campaign and used false flags to trick victims into believing the attacks were from Iran. A China-linked cyber-espionage group has targeted Israeli organizations and government institutions in a campaign that began in January 2019. The attacks were detailed by cybersecur
Publish At:2021-08-11 13:27 | Read:492 | Comments:0 | Tags:APT Breaking News Cyber warfare Intelligence Chinese hackers

China-linked APT31 targets Russia for the first time

China-linked APT31 group employed a new strain of malware in attacks aimed at entities in Mongolia, Belarus, Canada, the US, and Russia. Researchers from Positive Technologies reported that China-linked APT31 group has been using a new piece of malware in a recent wave of attacks targeting Mongolia, Belarus, Canada, the United States, and Russia. Exp
Publish At:2021-08-04 12:27 | Read:661 | Comments:0 | Tags:APT Hacking APT31 China Cyberespionage Cybersecurity cyberse

China-linked APT groups target telecom companies in Southeast Asia

China-linked APT groups have targeted networks of at least five major telecommunications companies operating in Southeast Asia since 2017. Cybereason researchers identified three clusters of activity associated with China-linked threat actors that carried out a series of attacks against networks of at least five major telecommunications companies loc
Publish At:2021-08-03 16:57 | Read:503 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking China cyberepionage

GhostEmperor, a new Chinese-speaking threat actor targets Southeast Asia

Kaspersky experts spotted a previously undocumented Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange flaws in attacks on high-profile victims. Kaspersky spotted a new Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange vulnerabilities in attacks aimed at high-profile vict
Publish At:2021-08-01 13:00 | Read:510 | Comments:0 | Tags:APT Breaking News Hacking China Cybercrime GhostEmperor hack

APT trends report Q2 2021

For more than four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They
Publish At:2021-07-29 07:58 | Read:519 | Comments:0 | Tags:APT reports APT Chinese-speaking cybercrime Data theft Malwa
