June 17, 2024 at 01:02PM China’s Velvet Ant cyber-espionage group executed a persistent and adaptable campaign to steal data from a large East Asian company. Despite eradication attempts by security researchers at Sygnia, the threat actor maintained footholds within the victim’s network for years. The group utilized legacy and unmonitored systems, deploying malware and backdoors … Read more
March 28, 2024 at 02:02AM The government, manufacturing, and energy sectors are prime targets for advanced, persistent threat actors, who commonly use phishing attacks and remote exploits as their main methods. Based on the meeting notes, it’s clear that advanced, persistent threat actors are targeting the government, manufacturing, and the energy industry. The most common … Read more
March 5, 2024 at 02:55PM The proliferation of programmable logic controllers (PLCs) with embedded Web servers has enabled remote attacks on industrial control systems. A team at the Georgia Institute of Technology has developed Web-based malware to exploit PLCs, manipulatively controlling physical systems and posing severe threats to critical infrastructure and safety. The method provides … Read more
December 5, 2023 at 05:51PM Researchers at Jamf Threat Labs found ways to bypass Apple’s Lockdown Mode, which aims to prevent cyberattacks. Although the mode reduces vulnerabilities by limiting certain features and functions, the researchers could mimic Lockdown Mode’s signals, misleading users while allowing malware operations. This highlights an industry-wide security oversight on maintaining device … Read more
November 14, 2023 at 03:31PM Chinese state-sponsored actors have become adept at exploiting zero-day vulnerabilities to conduct espionage, posing a significant and persistent threat to global organizations. Recent reports indicate that these actors are increasingly targeting public-facing devices, including firewalls, hypervisors, and email security tools. The success of these attacks is facilitated by threat sharing … Read more