Skip to main content

Tag: apt

57 articles

Formal government setting with podium and judicial backdrop, lit by daylight and abstract shapes.

US Charges Chinese National in Silk Typhoon Cyber Attacks

A Chinese national, Xu Zewei, has been extradited to the US from Italy to face charges for his alleged role in the notorious HAFNIUM cyber attacks, a vast intrusion campaign that compromised over 12,700 US organizations. Xu's arrival in US court marks a significant step in holding him accountable for his actions.

Analyst 207
Cisco firewall device on a network equipment rack in a dimly lit data center.

Firestarter Malware Evades Cisco Firewall Updates, Persists Across Reboots

A custom backdoor called Firestarter has been discovered evading Cisco firewall updates and persisting across reboots, posing a significant threat to cybersecurity. This sophisticated malware is attributed to a threat actor linked to cyberespionage campaigns, including the notorious ArcaneDoor operation.

Analyst 207
Government agency office interior with subtle computer equipment hints.

Eset Exposes Chinese Hackers' Careless Backdoor Tactics

Chinese hackers have been caught off guard by their own carelessness, leaving behind a digital trail that exposed their previously undetected backdoor tactics. Researchers uncovered over 9,000 messages revealing the attackers' testing systems and habits, leading to the identification of a Chinese nation-state actor dubbed GopherWhisper.

Analyst 207
Security analyst's workstation with multiple screens displaying code and threat analysis tools in a neutral office setting.

Harvester Expands Linux Arsenal with GoGra Backdoor in South Asia

Harvester's Linux arsenal just got a boost with the deployment of the GoGra backdoor in South Asia, enabling the threat actor to sneak past traditional network defenses by hijacking legitimate Microsoft Graph API and Outlook mailboxes. This latest move is linked to Harvester's earlier espionage campaigns targeting key sectors in the region.

Analyst 207
Person hunched over laptop in dimly lit cityscape with imposing fortress, surrounded by papers and cables.

Microsoft Patch Tuesday Disrupts 169 Vulnerabilities, Including Exploited SharePoint Flaw

Microsoft's latest Patch Tuesday update is a doozy, addressing a record 169 security flaws across its product lineup - including a critical SharePoint zero-day that's already being exploited in the wild. With nearly 9 out of 10 fixes rated as Important or Critical, organizations are under pressure to patch quickly and avoid leaving themselves vulnerable.

Analyst 207

Ransomware Gang 0APT Targets Rival Krybit with Exposure Threat

Ransomware gangs are turning on each other, and the gloves are off - 0APT has publicly threatened to expose individuals tied to rival gang Krybit, escalating their rivalry to a whole new level of personal and public. This shocking move reveals the cutthroat world of cybercrime, where even thieves don't always agree.

Analyst 207
Ominous shadow of a hand reaches for glowing server cables amidst scattered broken screens.

Iranian Campaign Targets 3,900 Devices in US Infrastructure

A recent Iranian cyber campaign has set its sights on a staggering 3,900 exposed devices in US infrastructure, putting energy, water, and government services at risk. This large-scale threat is a clear warning sign that these critical systems may be vulnerable to attack.

Analyst 207
Desert landscape at dusk with a broken smartphone and scattered papers in the foreground, a lone figure silhouetted in the…

Bitter APT Group Exploits Middle East Spear-Phishing Campaign

The Bitter APT Group has been linked to a sophisticated year-long spear-phishing campaign that targeted the Middle East, using deceptive emails to spread its reach. This hack-for-hire effort, attributed to a South Asian connection, signals a sustained threat to the region's security.

Analyst 207
Person in hoodie sits before laptop with cracked PDF on screen, surrounded by eerie shadows and cityscape.

Adobe Reader Zero-Day Exploited in Targeted Attacks Since December

A previously unknown zero-day vulnerability in Adobe Reader has been exploited in targeted attacks since December, using maliciously crafted PDF documents to quietly turn trusted files into stealthy threats. This highly sophisticated exploit raises serious questions about the security of everyday file formats and our trust in them.

Analyst 207