HackDig : Dig high-quality web security articles

Belgium claims China-linked APT groups hit its ministries

The Minister for Foreign Affairs of Belgium blames multiple China-linked threat actors for attacks against the country’s defense and interior ministries. The Minister for Foreign Affairs of Belgium revealed that multiple China-linked APT groups targeted the country’s defense and interior ministries. “Belgium exposes maliciou
Publish At:2022-07-20 02:04 | Read:266 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence Belgium

Russia-linked APT29 relies on Google Drive, Dropbox to evade detection

Russia-linked threat actors APT29 are using the Google Drive cloud storage service to evade detection. Palo Alto Networks researchers reported that the Russia-linked APT29 group, tracked by the researchers as Cloaked Ursa, started using the Google Drive cloud storage service to evade detection. The Russia-linked APT29 group (aka SVR,
Publish At:2022-07-19 10:00 | Read:331 | Comments:0 | Tags:APT Breaking News Cyber warfare Intelligence Malware APT29 D

APT groups target journalists and media organizations since 2021

Researchers from Proofpoint warn that various APT groups have been targeting journalists and media organizations since 2021. Proofpoint researchers warn that APT groups have been regularly targeting and posing as journalists and media organizations since early 2021. The media sector is a privileged target for this category of attackers due to the access its operat
Publish At:2022-07-17 01:28 | Read:347 | Comments:0 | Tags:APT Breaking News Hacking Malware hacking news information s

North Korean APT targets US healthcare sector with Maui ransomware

State-sponsored North Korean threat actors have been targeting the US Healthcare and Public Health (HPH) sector for the past year using the Maui ransomware, according to a joint cybersecurity advisory (CSA) from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury. CISA Director Jen Easterly also announced t
Publish At:2022-07-10 20:00 | Read:394 | Comments:0 | Tags:Ransomware APT cisa conti Cybersecurity and Infrastructure S

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

US authorities have issued a joint advisory warning of North Korea-linked APTs using Maui ransomware in attacks against the Healthcare sector. The FBI, CISA, and the U.S. Treasury Department issued a joint advisory that warns of North Korea-linked threat actors using Maui ransomware in attacks aimed at organizations in the Healthcare sector. “The
Publish At:2022-07-07 11:10 | Read:605 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Reports APT hackin

Less popular, but very effective, Red-Teaming Tool BRc4 used in attacks in the wild

Threat actors are abusing the legitimate adversary simulation software BRc4 in their campaigns to evade detection. Researchers from Palo Alto Networks Unit 42 discovered that a sample uploaded to the VirusTotal database on May 19, 2022, and considered benign by almost all antivirus products, contained a payload associated with Brute Ratel C4 (BRc4),
Publish At:2022-07-06 13:22 | Read:429 | Comments:0 | Tags:APT Breaking News Hacking hacking news information security

Experts blame North Korea-linked Lazarus APT for the Harmony hack

The North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors stole $100 million in cryptocurrency from the blockchain company Harmony. The company reported the incident to the authorities; the FBI is investigating the cyber heist with the help of several cybersecurity firms.
Publish At:2022-06-30 14:10 | Read:385 | Comments:0 | Tags:APT Breaking News Digital ID Hacking hacking news informatio

Immigration organisations targeted by APT group Evilnum

Organisations working in the immigration sector are advised to be on high alert for Advanced Persistent Threat (APT) attacks. Bleeping Computer reports that European organisations, specifically, are under threat from the Evilnum hacking group. Evilnum, on the APT scene since 2018 at the earliest and perhaps most well known for targeting the financial sect
Publish At:2022-06-30 11:52 | Read:412 | Comments:0 | Tags:Cybercrime advanced persistent threat APT evilnum immigratio

The SessionManager IIS backdoor

Following on from our earlier Owowa discovery, we continued to hunt for more backdoors potentially set up as malicious modules within IIS, a popular web server edited by Microsoft. And we didn’t come back empty-handed… In 2021, we noticed a trend among several threat actors for deploying a backdoor within IIS after exploiting one of the ProxyLogo
Publish At:2022-06-30 05:09 | Read:569 | Comments:0 | Tags:APT reports APT Backdoor Malware Descriptions Malware Techno

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

China-linked APT Bronze Starlight is deploying post-intrusion ransomware families as a diversionary action to its cyber espionage operations. Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up the cyber espionage operations. The experts ob
Publish At:2022-06-26 09:59 | Read:1123 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Bronze Starlight Chin

Threat actors continue to exploit Log4Shell in VMware Horizon Systems

The U.S. CISA and the Coast Guard Cyber Command (CGCYBER) warn of attacks exploiting the Log4Shell flaw in VMware Horizon servers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), published a joint advisory to warn of hacking attempts exploiting the Log4Shell flaw in VMware Horizon serve
Publish At:2022-06-24 11:10 | Read:978 | Comments:0 | Tags:APT Breaking News Hacking Security CISA hacking news IT Info

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

China-linked APT group Tropic Trooper has been spotted using previously undocumented malware written in the Nim language. Check Point Research uncovered an activity cluster with ties to China-linked APT Tropic Trooper (aka Earth Centaur, KeyBoy, and Pirate Panda) which involved the use of a previously undescribed loader (dubbed “Nimbda”) written in Nim la
Publish At:2022-06-23 15:20 | Read:809 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware hacking news

New ToddyCat APT targets high-profile entities in Europe and Asia

Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia since at least December 2020. Researchers from Kaspersky have linked a new APT group, tracked as ToddyCat, to a series of attacks aimed at high-profile entities in Europe and Asia since at least December 2020. The threat actors initiall
Publish At:2022-06-21 11:08 | Read:556 | Comments:0 | Tags:APT Breaking News Hacking China Chopper hacking news informa

APT ToddyCat

ToddyCat is a relatively new APT actor that we have not been able to relate to other known actors, responsible for multiple sets of attacks detected since December 2020 against high-profile entities in Europe and Asia. We still have little information about this actor, but we know that its main distinctive signs are two formerly unknown tools that we call
Publish At:2022-06-21 06:17 | Read:783 | Comments:0 | Tags:APT reports APT Backdoor Dropper Encryption Malware Descript

Russian APT28 hacker accused of the NATO think tank hack in Germany

The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for the Russia-linked APT28. The Attorney General has issued an arrest warrant for the Russian hacker Nikolaj Kozachek (aka “blabla1234565” and “kazak”) who is accused of having carried out a cyber espionage attack against the NAT
Publish At:2022-06-20 18:28 | Read:427 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence APT28 G
