Russia’s Midnight Blizzard Seeks to Snow French Diplomats

June 20, 2024 at 05:10PM

Midnight Blizzard, a Russia-backed advanced persistent threat, continues to pose an active threat to French diplomatic entities. Institutions recently targeted by the group include the French Ministry of Culture and the National Agency for Territorial Cohesion. Tactics include phishing and forged documents to access networks and exfiltrate data, per …

Russia’s Turla APT Abuses MSBuild to Deliver TinyTurla Backdoor

May 21, 2024 at 10:59AM

A Russia-linked APT group is deploying the TinyTurla backdoor via a campaign that uses socially engineered emails and a fileless payload. The campaign targets individuals and entities in the Philippines, with the TinyTurla backdoor connected to the long-running Russia-sponsored threat actor, Turla. The attackers impersonate legitimate authorities and employ sophisticated techniques …

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day

October 25, 2023 at 12:16PM

Winter Vivern, a Russia-linked advanced persistent threat (APT) actor, has been exploiting a zero-day vulnerability in the Roundcube webmail server to target government entities and a think tank in Europe. Winter Vivern, also known as TA473, focuses on espionage and has previously targeted NATO countries. It has been targeting email …