HackDig : Dig high-quality web security articles

Experts blame North Korea-linked Lazarus APT for the Harmony hack

The North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors stole $100 million in cryptocurrency from the blockchain company Harmony. The company reported the incident to the authorities, and the FBI is investigating the cyber heist with the help of several cybersecurity firms.
Publish At:2022-06-30 14:10 | Read:130 | Comments:0 | Tags:APT Breaking News Digital ID Hacking hacking news informatio

Immigration organisations targeted by APT group Evilnum

Organisations working in the immigration sector are advised to be on high alert for Advanced Persistent Threat (APT) attacks. Bleeping Computer reports that European organisations, specifically, are under threat from the Evilnum hacking group. Evilnum, on the APT scene since 2018 at the earliest and perhaps most well known for targeting the financial sect
Publish At:2022-06-30 11:52 | Read:126 | Comments:0 | Tags:Cybercrime advanced persistent threat APT evilnum immigratio

The SessionManager IIS backdoor

Following on from our earlier Owowa discovery, we continued to hunt for more backdoors potentially set up as malicious modules within IIS, a popular web server developed by Microsoft. And we didn’t come back empty-handed… In 2021, we noticed a trend among several threat actors for deploying a backdoor within IIS after exploiting one of the ProxyLogo
Publish At:2022-06-30 05:09 | Read:229 | Comments:0 | Tags:APT reports APT Backdoor Malware Descriptions Malware Techno

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

China-linked APT Bronze Starlight is deploying post-intrusion ransomware families as a diversion from its cyber espionage operations. Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up its cyber espionage operations. The experts ob
Publish At:2022-06-26 09:59 | Read:351 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Bronze Starlight Chin

Threat actors continue to exploit Log4Shell in VMware Horizon Systems

The U.S. CISA and the Coast Guard Cyber Command (CGCYBER) warn of attacks exploiting the Log4Shell flaw in VMware Horizon servers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), published a joint advisory to warn of hacking attempts exploiting the Log4Shell flaw in VMware Horizon serve
Publish At:2022-06-24 11:10 | Read:203 | Comments:0 | Tags:APT Breaking News Hacking Security CISA hacking news IT Info

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

China-linked APT group Tropic Trooper has been spotted using previously undocumented malware written in the Nim language. Check Point Research uncovered an activity cluster with ties to China-linked APT Tropic Trooper (aka Earth Centaur, KeyBoy, and Pirate Panda) which involved the use of a previously undescribed loader (dubbed “Nimbda”) written in Nim la
Publish At:2022-06-23 15:20 | Read:289 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware hacking news

New ToddyCat APT targets high-profile entities in Europe and Asia

Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia since at least December 2020. Researchers from Kaspersky have linked a new APT group, tracked as ToddyCat, to a series of attacks aimed at high-profile entities in Europe and Asia since at least December 2020. The threat actors initiall
Publish At:2022-06-21 11:08 | Read:209 | Comments:0 | Tags:APT Breaking News Hacking China Chopper hacking news informa

APT ToddyCat

ToddyCat is a relatively new APT actor that we have not been able to relate to other known actors, responsible for multiple sets of attacks detected since December 2020 against high-profile entities in Europe and Asia. We still have little information about this actor, but we know that its main distinctive signs are two formerly unknown tools that we call
Publish At:2022-06-21 06:17 | Read:306 | Comments:0 | Tags:APT reports APT Backdoor Dropper Encryption Malware Descript

Russian APT28 hacker accused of the NATO think tank hack in Germany

The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for the Russia-linked APT28. The Attorney General has issued an arrest warrant for the Russian hacker Nikolaj Kozachek (aka “blabla1234565” and “kazak”) who is accused of having carried out a cyber espionage attack against the NAT
Publish At:2022-06-20 18:28 | Read:213 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence APT28 G

‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace

Introduction When reports of a cyberattack appear in the headlines, questions abound regarding who launched it and why. Even if an attacker has what are to it perfectly rational reasons for conducting such an attack, these reasons are often known only to them. The rest of the world, including the victims of the attack, must often engage in some degree of spe
Publish At:2022-06-20 06:17 | Read:252 | Comments:0 | Tags:Publications APT Cybercrime Cybercrime Legislation Malware T

Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. Volexity researchers discovered that the zero-day vulnerability, tracked as CVE-2022-1040, in Sophos Firewall was exploited by Chinese threat actors to compromise a company and cloud-hosted web servers it was operating.
Publish At:2022-06-17 19:16 | Read:494 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware China CVE-202

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

Microsoft has warned that “multiple adversaries and nation-state actors” are making use of the recent Atlassian Confluence RCE vulnerability. A fix is now available for CVE-2022-26134. It is essential users of Confluence address the patching issue immediately. Confluence vulnerability: Background At the start of June, researchers discovere
Publish At:2022-06-14 09:02 | Read:241 | Comments:0 | Tags:Exploits and vulnerabilities APT Atlassian confluence nation

API Security Best Practices

Organizations face the constant need to protect these APIs from attacks so they can protect organizational data. Organizations are rapidly opening their ecosystem through Application Programming Interfaces (API) by ensuring seamless access to data and interaction with external software components and services. APIs are the gateway to providing the high se
Publish At:2022-06-14 06:34 | Read:377 | Comments:0 | Tags:Breaking News Security API APT Hacking hacking news informat

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Ukraine’s Computer Emergency Response Team (CERT) warns that the Russia-linked Sandworm APT group may exploit the Follina RCE vulnerability. Ukraine’s Computer Emergency Response Team (CERT) is warning that the Russia-linked Sandworm APT may be exploiting the recently discovered Follina RCE. The issue, tracked as CVE-2022-30190, impacts the Mi
Publish At:2022-06-13 15:05 | Read:273 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware CERT-UA Foll

GALLIUM APT used a new PingPull RAT in recent campaigns

China-linked Gallium APT employed a previously undocumented RAT, tracked as PingPull, in recent cyber espionage campaigns targeting South Asia, Europe, and Africa. China-linked Gallium APT (aka Softcell) used a previously undocumented remote access Trojan dubbed PingPull in recent attacks aimed at organizations in Southeast Asia, Europe, and Africa.
Publish At:2022-06-13 11:07 | Read:330 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware Gallium apt h
