Tag: apt
57 articles

US Charges Chinese National in Silk Typhoon Cyber Attacks
A Chinese national, Xu Zewei, has been extradited to the US from Italy to face charges for his alleged role in the notorious HAFNIUM cyber attacks, a vast intrusion campaign that compromised over 12,700 US organizations. Xu's arrival in US court marks a significant step in holding him accountable for his actions.

Firestarter Malware Evades Cisco Firewall Updates, Persists Across Reboots
A custom backdoor called Firestarter has been discovered evading Cisco firewall updates and persisting across reboots, posing a significant threat to cybersecurity. This sophisticated malware is attributed to a threat actor linked to cyberespionage campaigns, including the notorious ArcaneDoor operation.

Eset Exposes Chinese Hackers' Careless Backdoor Tactics
Chinese hackers have been caught off guard by their own carelessness, leaving behind a digital trail that exposed their previously undetected backdoor tactics. Researchers uncovered over 9,000 messages revealing the attackers' testing systems and habits, leading to the identification of a Chinese nation-state actor dubbed GopherWhisper.

Harvester Expands Linux Arsenal with GoGra Backdoor in South Asia
Harvester's Linux arsenal just got a boost with the deployment of the GoGra backdoor in South Asia, enabling the threat actor to sneak past traditional network defenses by hijacking legitimate Microsoft Graph API and Outlook mailboxes. This latest move is linked to Harvester's earlier espionage campaigns targeting key sectors in the region.

Microsoft Patch Tuesday Disrupts 169 Vulnerabilities, Including Exploited SharePoint Flaw
Microsoft's latest Patch Tuesday update is a doozy, addressing a record 169 security flaws across its product lineup - including a critical SharePoint zero-day that's already being exploited in the wild. With nearly 9 out of 10 fixes rated as Important or Critical, organizations are under pressure to patch quickly and avoid leaving themselves vulnerable.
Ransomware Gang 0APT Targets Rival Krybit with Exposure Threat
Ransomware gangs are turning on each other, and the gloves are off - 0APT has publicly threatened to expose individuals tied to rival gang Krybit, escalating their rivalry to a whole new level of personal and public. This shocking move reveals the cutthroat world of cybercrime, where even thieves don't always agree.

Iranian Campaign Targets 3,900 Devices in US Infrastructure
A recent Iranian cyber campaign has set its sights on a staggering 3,900 exposed devices in US infrastructure, putting energy, water, and government services at risk. This large-scale threat is a clear warning sign that these critical systems may be vulnerable to attack.

Bitter APT Group Exploits Middle East Spear-Phishing Campaign
The Bitter APT Group has been linked to a sophisticated year-long spear-phishing campaign that targeted the Middle East, using deceptive emails to spread its reach. This hack-for-hire effort, attributed to a South Asian connection, signals a sustained threat to the region's security.

Adobe Reader Zero-Day Exploited in Targeted Attacks Since December
A previously unknown zero-day vulnerability in Adobe Reader has been exploited in targeted attacks since December, using maliciously crafted PDF documents to quietly turn trusted files into stealthy threats. This highly sophisticated exploit raises serious questions about the security of everyday file formats and our trust in them.