Chinese APT Hacks 48 Government Organizations

March 19, 2024 at 09:57AM

A hacking group, Earth Krahang, believed to be linked to the Chinese company I-Soon, has compromised numerous foreign government entities. The group is accused of conducting cyberespionage and targeting over 70 organizations across 23 countries, primarily in Asia and America. They have used various tactics, including spear-phishing emails and deploying …

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks

March 18, 2024 at 04:58AM

An APT campaign named Earth Krahang targets government entities worldwide, with a focus on Southeast Asia, but also in Europe, America, and Africa. Using public-facing servers and spear-phishing emails, the threat actor aims to conduct cyberespionage by abusing compromised government infrastructure. The campaign involves …

‘YoroTrooper’ Espionage Group Linked to Kazakhstan

October 25, 2023 at 04:51PM

The YoroTrooper espionage group, which has been active since June 2022, appears to consist of individuals from Kazakhstan. The group has been targeting government entities in Azerbaijan, Kyrgyzstan, Tajikistan, and other CIS countries. They use Kazakh currency and languages, and have only targeted one institution in Kazakhstan. They rely on …

Kazakh Attackers, Disguised as Azerbaijanis, Hit Former Soviet States

October 25, 2023 at 01:38PM

YoroTrooper, a Kazakhstan attack group known for phishing messages, poses as an Azerbaijani group. It primarily targets government entities in former Soviet republics but disguises its origin by hosting its infrastructure in Azerbaijan. However, researchers from Cisco Talos have concluded that the group is from Kazakhstan based on language preferences …

TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments

October 18, 2023 at 05:33AM

The Asia-Pacific region is experiencing a cyber espionage campaign called TetrisPhantom, in which government entities are the primary targets. The attackers exploit secure USB drives with hardware encryption to gather sensitive data. The campaign is sophisticated and likely the work of a nation-state group. In addition, a new APT actor …