Microsoft and DOJ disrupt Russian FSB hackers’ attack infrastructure

October 3, 2024 at 02:04PM Microsoft and the Justice Department have seized over 100 domains used by the Russian ColdRiver hacking group to target US government employees and nonprofit organizations worldwide. Linked to Russia’s FSB, the group used spear-phishing attacks to target various victims, including US-based companies and employees from intelligence and defense departments. This …

DOJ, Microsoft seize 107 domains used in Russia’s Star Blizzard phishing attacks

October 3, 2024 at 12:03PM The US Department of Justice and Microsoft cooperated to seize 107 websites used by Russian cyberspies in a phishing campaign. The targets included US government agencies, think tanks, and other victims. The action disrupted the operations of the Russian Federal Security Service (FSB) hacking unit and led to criminal charges …

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

October 3, 2024 at 09:45AM Threat actors linked to North Korea have been identified launching a new campaign named SHROUDED#SLEEP targeting Cambodia and other Southeast Asian countries using the VeilShell backdoor and RAT. The group, APT37, is associated with North Korea’s MSS and uses varied tactics for intelligence gathering. The campaign involves sophisticated techniques and …

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

October 2, 2024 at 12:15PM CeranaKeeper, a new threat actor, has been conducting data exfiltration attacks in Southeast Asia, targeting countries like Thailand, Myanmar, the Philippines, Japan, and Taiwan. Utilizing backdoors through legitimate cloud and file-sharing services, the group demonstrates a relentless and creative approach, with an extensive custom toolset for massive data siphoning. ESET …

Python-Based Malware Slithers Into Systems via Legit VS Code

October 2, 2024 at 11:24AM Mustang Panda, a Chinese APT group, is conducting a cyber-espionage campaign via malicious emails and the use of Visual Studio Code (VS Code) to distribute Python-based malware. Its tactics include establishing remote access to infected machines, exfiltrating data, and employing legitimate entities like GitHub for unauthorized access. Organizations are advised …

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

September 26, 2024 at 07:51AM French cybersecurity firm Sekoia discovered a long-running cyber espionage campaign, dubbed SilentSelfie, targeting Kurdish websites. The attacks aimed to steal sensitive information using a watering hole technique and various information-stealing frameworks. The campaign, of low sophistication, affected multiple Kurdish sites, indicating a new threat targeting the Kurdish community. The attackers’ …

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

September 26, 2024 at 02:57AM Cloudflare has observed an advanced threat actor using multiple cloud service providers for credential harvesting, malware delivery, and command-and-control. The actor, known as SloppyLemming, targets government, law enforcement, energy, education, telecommunications, and technology entities in South and East Asian countries. The attacks involve spear-phishing emails, malicious links, and custom-built tools …

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

September 26, 2024 at 12:57AM Nation-state threat actors backed by Beijing penetrated several U.S. internet service providers as part of a cyber espionage campaign, aimed at accessing sensitive information and gaining persistent access to target networks. The attacks, attributed to a group known as GhostEmperor, targeted Southeast Asian entities and an unnamed client compromised in …

Russia’s digital warfare on Ukraine shows no signs of slowing – Malware hits surge

September 24, 2024 at 02:33PM Russia’s use of evolving malware to support its military efforts in Ukraine continues, with a 90 percent increase in incidents involving malware infections. The tactics include impersonating others and using messaging apps to deliver malware. Russia is also targeting energy infrastructure organizations with destructive cyberattacks, including supply chain attacks, in …

RomCom Malware Resurfaces With SnipBot Variant

September 24, 2024 at 08:10AM The RomCom malware, now in its SnipBot variant, has resurfaced, leveraging code-signing certificates for stealth. The cyberespionage threat targets victims through phishing emails, with malicious PDF files or executables. Its evolving obfuscation methods and post-exploitation activities highlight the need for advanced security measures to counter this ongoing threat. The meeting …