Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar […]
A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane as part of a cyber attack that was first detected in March 2023. Singapore-headquartered Group-IB described the hacking outfit as an advanced persistent threat group that’s believed to have been active since at least 2022. The exact specifics […]
Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. “The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or malware,” Trend Micro researchers Mohamed […]
Charming Kitten APT Group Uses Innovative Spear-phishing Methods. Volexity researchers recently noticed that threat actors are actively intensifying their efforts to compromise the credentials or systems of their targets by employing Spear-phishing Methods. While spear-phishing techniques involve sending personalized messages and engaging in dialogue for days before delivering malicious links or attachments. Volexity often observes […]
A Singapore-based cybersecurity firm, Group-IB, has released a new report on Dark Pink, an APT group. The report emphases that Dark Pink has successfully targeted 13 organizations across 9 countries, highlighting the extent of their malicious activities. Throughout 2023, the notorious hacking group Dark Pink APT has maintained a high activity level. Their focus has […]
The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium, Brunei, Indonesia, Thailand, and Vietnam between February 2022 and April 2023. This includes educational institutions, government agencies, military bodies, and non-profit organizations, indicating the adversarial crew’s continued focus on high-value targets. Dark Pink, also called […]
An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. French cybersecurity firm ExaTrack, which found three samples of the previously documented malicious software that date back to early 2022, dubbed it Mélofée. One of the artifacts is designed to drop a kernel-mode rootkit that’s based […]
The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021. The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign Affairs, and individuals within the Indian government, SentinelOne said in a report shared […]
Government and military organizations in the Asia-Pacific region are being targeted by a previously unknown advanced persistent threat (APT) actor, per the latest research conducted by Albert Priego of Group-IB Singapore-headquartered Group-IB, in a report shared with The Hacker News, said it’s tracking the ongoing campaign under the name Dark Pink and attributed seven successful […]
Cisco Talos researchers reported detecting a new hacking campaign by the group identified as Transparent Tribe and targeting government organizations in India. Active at least since mid-2021, this campaign is based on the use of fraudulent web domains that pose as official Indian government platforms for the delivery of malicious payloads, a tactic associated with […]
A Russian-speaking ransomware outfit likely targeted an unnamed entity in the gambling and gaming sector in Europe and Central America by repurposing custom tools developed by other APT groups like Iran’s MuddyWater, new research has found. The unusual attack chain involved the abuse of stolen credentials to gain unauthorized access to the victim network, ultimately […]
News Corp, one of the world’s media agencies, has confirmed that its systems were compromised by what they defined as a “persistent cyberattack“ detected in mid-January and that would have resulted in unauthorized access to confidential emails and documents. Among the main brands associated with News Corp are Fox News, New York Post and The […]
With this flaw, FatPipe joins the list of VPN providers that have faced a similar situation in the past, including Fortinet, Cisco, Pulse Secure, and Citrix. The Federal Bureau of Investigation (FBI) released a warning revealing that an APT group (advanced persistent threat) exploited a zero-day flaw in FatPipe WARP, MPVPN, and IPVPN software before […]
State-sponsored hackers affiliated with Russia are behind a new series of intrusions using a previously undocumented implant to compromise systems in the U.S., Germany, and Afghanistan. Cisco Talos attributed the attacks to the Turla advanced persistent threat (APT) group, coining the malware “TinyTurla” for its limited functionality and efficient coding style that allows it to […]
During a routine investigation, the security analyst of Check Point research has identified a spear-phishing campaign. According to the experts, this campaign was an ongoing campaign that is continuously attacking the Afghan government. The researchers of the Israeli cybersecurity firm that is the Check Point Research accused that all the interventions that have happened till […]
The cybersecurity research team of ESET has recently identified a very new APT group named as BackdoorDiplomacy, attacking telecommunications and diplomatic organizations throughout the world. According to the report, this group has attacked the Ministries of Foreign Affairs of several countries for the past four years in the Middle East and Africa. The researchers of […]
The cybersecurity researchers of the Check Point research team have recently detected that the threat actors of the Chines APT hacking group, SharpPanda are performing cyber-espionage campaigns. These Chinese APT threat actors are targeting the Southeast Asian government agencies. However, the main motive of these threat actors is to implant Windows backdoor programs to hijack […]
ESET Research has found LuckyMouse, Tick, Winnti Group, and Calypso, among others, are likely using the recent Microsoft Exchange vulnerabilities to compromise email servers all around the world
Hackers-Hack-Hackers: Russian APT group Turla known as Waterbug compromised the Iranian hacker’s command and control server infrastructure, and the Exfiltrated of data to expand their cyber attack in wide. Turla is a well-known APT hackers group using various tools and techniques to target the government, military, technology, energy, and commercial organizations and gathering intelligence. GBHackers […]
OceanLotus APT Group also known as APT32, SeaLotus, and CobaltKitty uses undetected Remote Access trojans Ratsnif to leverage network attack capabilities. The trojan was active since 2016, and it has features like packet sniffing, gateway/device ARP poisoning, DNS poisoning, HTTP injection, and MAC spoofing. The Cylance Threat Research Team detected four distinct samples of Ratsnif […]
Waterbug APT Hackers used hijacked infrastructure to attack governments and international organizations through various campaigns using new and publically available malware. The group also use living off the land for executing process on the systems. Symantec observed the targeted attack over the past year using unique tools and the campaigns hitting Europe, Latin America, and […]