New UULoader Malware Distributes Gh0st RAT and Mimikatz in East Asia

August 19, 2024 at 09:15AM

Cyberint Research Team discovered a new malware, UULoader, being used by threat actors to deliver Gh0st RAT and Mimikatz. It's distributed through malicious installers targeting Korean and Chinese speakers. Additionally, threat actors are using cryptocurrency-themed lure sites for phishing attacks and leveraging popular AI platforms for malicious activities, prompting a …

APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack

August 2, 2024 at 12:42PM

A Taiwanese research institute specializing in computing was breached by China-affiliated threat actors, who delivered backdoors and malware such as ShadowPad and Cobalt Strike. Cisco Talos discovered the activity in August 2023 and attributed it to APT41. The attackers used various techniques to evade detection and exfiltrated documents from the network. This …

Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users

December 14, 2023 at 09:14AM

Summary: Authorities warn that the cyber unit of Russia's SVR is exploiting a critical vulnerability in the JetBrains TeamCity CI/CD server. The exploit could enable manipulation of source code and potentially facilitate future attacks. The advisory outlines the SVR's cyber operations and their long-term objectives in cyberspace. Mitigations and indicators of compromise are …