Mustang Panda Feeds Worm-Driven USB Attack Strategy

September 10, 2024 at 11:36AM

China’s state-sponsored threat actor, Mustang Panda, is utilizing self-propagating malware spread through USB drives and spear-phishing to target various government entities in the Asia-Pacific region. The group’s tactics have evolved to include new vectors for initial entry, with a focus on specific countries and sectors. Trend Micro researchers advise continuous …

Earth Preta Evolves its Attacks with New Malware and Strategies

September 9, 2024 at 03:44AM

Earth Preta has enhanced its attacks by incorporating new malware and strategies, such as the propagation of PUBLOAD via a variant of the worm HIUPAN. Additional tools like FDMTP and PTSOCKET are utilized to extend control and data exfiltration capabilities. These attacks are highly targeted and time-sensitive, focusing on specific …

New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

April 5, 2024 at 04:33AM

Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are facing targeted attacks by a sophisticated threat called JSOutProx, utilizing both JavaScript and .NET. The attacks have been traced back to threat actor Solar Spider and involve leveraging spear-phishing emails and various malicious activities. Cybersecurity company …

New APT Group ‘Lotus Bane’ Behind Recent Attacks on Vietnam’s Financial Entities

March 6, 2024 at 02:15AM

A new cyber attack targeting a financial entity in Vietnam was linked to Lotus Bane, an advanced persistent threat group with methods overlapping those of OceanLotus. This suggests possible connections with or inspirations from OceanLotus, though the different target industries indicate potential differences. Financial organizations worldwide have been targeted by …

TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments

October 18, 2023 at 05:33AM

The Asia-Pacific region is experiencing a cyber espionage campaign called TetrisPhantom, in which government entities are the primary targets. The attackers exploit secure USB drives with hardware encryption to gather sensitive data. The campaign is sophisticated and likely the work of a nation-state group. In addition, a new APT actor …