September 26, 2024 at 04:19PM Torq, the AI-first security hyperautomation leader, has closed a $70M Series C funding round, raising a total of $112M in 2024 and reaching a $192M funding since its 2020 inception. The company aims to increase expansion across EMEA and APAC, enhance engineering and sales talent, and deliver cutting-edge generative AI … Read more
September 23, 2024 at 02:18AM A suspected APT from China targeted a Taiwanese government organization and other APAC countries by exploiting a security flaw. The activity uses various techniques and malware like Cobalt Strike and EAGLEDOOR to infiltrate and gather data from government and energy sectors. The threat actor’s sophistication and adaptability are notable. Key … Read more
September 19, 2024 at 04:38AM Threat actor Earth Baxia targeted a government organization in Taiwan and possibly other APAC countries using spear-phishing emails and exploiting CVE-2024-36401, a GeoServer vulnerability. Earth Baxia deployed customized Cobalt Strike components and a new backdoor called EAGLEDOOR, which supports multiple communication protocols for information gathering and payload delivery, with evidence … Read more
September 10, 2024 at 11:36AM China’s state-sponsored threat actor, Mustang Panda, is utilizing self-propagating malware spread through USB drives and spear-phishing to target various government entities in the Asia-Pacific region. The group’s tactics have evolved to include new vectors for initial entry, with a focus on specific countries and sectors. Trend Micro researchers advise continuous … Read more
September 9, 2024 at 03:44AM Earth Preta has enhanced its attacks by incorporating new malware and strategies, such as the propagation of PUBLOAD via a variant of the worm HIUPAN. Additional tools like FDMTP and PTSOCKET are utilized to extend control and data exfiltration capabilities. These attacks are highly targeted and time-sensitive, focusing on specific … Read more
April 5, 2024 at 04:33AM Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are facing targeted attacks by a sophisticated threat called JSOutProx, utilizing both JavaScript and .NET. The attacks have been traced back to threat actor Solar Spider and involve leveraging spear-phishing emails and various malicious activities. Cybersecurity company … Read more
March 6, 2024 at 02:15AM A new cyber attack targeting a financial entity in Vietnam was linked to Lotus Bane, an advanced persistent threat group with methods overlapping those of OceanLotus. This suggests possible connections with or inspirations from OceanLotus, though the different target industries indicate potential differences. Financial organizations worldwide have been targeted by … Read more
October 18, 2023 at 05:33AM The Asia-Pacific region is experiencing a cyber espionage campaign called TetrisPhantom, in which government entities are the primary targets. The attackers exploit secure USB drives with hardware encryption to gather sensitive data. The campaign is sophisticated and likely the work of a nation-state group. In addition, a new APT actor … Read more