China’s ‘Velvet Ant’ APT Nests Inside Multiyear Espionage Effort

June 17, 2024 at 01:02PM China’s Velvet Ant cyber-espionage group executed a persistent and adaptable campaign to steal data from a large East Asian company. Despite eradication attempts by security researchers at Sygnia, the threat actor maintained footholds within the victim’s network for years. The group utilized legacy and unmonitored systems, deploying malware and backdoors …

Saudi Arabia, UAE Top List of APT-Targeted Nations in the Middle East

March 28, 2024 at 02:02AM The government, manufacturing, and energy sectors are prime targets for advanced persistent threat actors, who commonly use phishing attacks and remote exploits as their main methods. The most common …

Improved, Stuxnet-Like PLC Malware Aims to Disrupt Critical Infrastructure

March 5, 2024 at 02:55PM The proliferation of programmable logic controllers (PLCs) with embedded Web servers has enabled remote attacks on industrial control systems. A team at the Georgia Institute of Technology has developed Web-based malware that exploits PLCs to maliciously control physical systems, posing severe threats to critical infrastructure and safety. The method provides …

Apple ‘Lockdown Mode’ Bypass Subverts Key iPhone Security Feature

December 5, 2023 at 05:51PM Researchers at Jamf Threat Labs found ways to bypass Apple’s Lockdown Mode, which aims to prevent cyberattacks. Although the mode reduces vulnerabilities by limiting certain features and functions, the researchers could mimic Lockdown Mode’s signals, misleading users while allowing malware operations. This highlights an industry-wide security oversight on maintaining device …

Zero-Days in Edge Devices Become China’s Cyber Warfare Tactic of Choice

November 14, 2023 at 03:31PM Chinese state-sponsored actors have become adept at exploiting zero-day vulnerabilities to conduct espionage, posing a significant and persistent threat to global organizations. Recent reports indicate that these actors are increasingly targeting public-facing devices, including firewalls, hypervisors, and email security tools. The success of these attacks is facilitated by threat sharing …