‘CloudSorcerer’ Leverages Cloud Services in Cyber-Espionage Campaign

July 8, 2024 at 05:43PM A new cyber espionage actor, “CloudSorcerer,” is targeting Russian government organizations with sophisticated malware, leveraging public cloud services for C2 and purposes. The group’s primary malware tool has multiple functions including covert monitoring and data collection, and it dynamically adapts its behavior based on its execution context, posing a challenge …

New APT Group “CloudSorcerer” Targets Russian Government Entities

July 8, 2024 at 12:34PM A new cyber espionage group called CloudSorcerer has been detected targeting Russian government entities using cloud services for command-and-control (C2) and data exfiltration. The group’s innovative tactics and use of cloud resources, including Microsoft Graph, Yandex Cloud, Dropbox, and GitHub, demonstrate a sophisticated approach to cyber espionage and data collection. …

Kaspersky Flags Cyberespionage APT ‘CloudSorcerer’ Targeting Russian Government

July 8, 2024 at 11:48AM Kaspersky has reported a new advanced persistent threat (APT) actor named CloudSorcerer targeting Russian government entities for cyberespionage. The actor exfiltrates data using Dropbox, Microsoft Graph, and Yandex Cloud, while utilizing public cloud services for command-and-control infrastructure. This technique is different from that of the CloudWizard APT, leading Kaspersky to …